Spyware app pcTattletale was hacked and its website defaced

Comment
U.S.-made consumer-grade spyware app pcTattletale has been hacked and its internal data published to its own website, according to a hacker who claimed responsibility for the breach.
The hacker posted a message on pcTattletale’s website late Friday, claiming to have hacked the servers containing pcTattletale’s operations. The spyware maker’s website briefly contained links containing files from its servers, which appeared to include some victims’ stolen data. TechCrunch is not linking to the site given the ongoing risk to victims, whose private data has already been compromised by the spyware.
pcTattletale’s founder Bryan Fleming did not return an email requesting comment. It’s not clear if Fleming can receive email due to his company’s ongoing outage.
The hacker did not provide a specific motivation for the breach. The hack comes several days after a security researcher said he found and reported a vulnerability in the spyware app itself, which leaks the screenshots of the devices it was planted on. The researcher, Eric Daigle, said he did not publish specific details of the flaw because pcTattletale ignored requests to fix the vulnerability.
The hacker who compromised and defaced pcTattletale’s website did not exploit the vulnerability that Daigle found, but said pcTattletale’s servers could be tricked into turning over the private keys for its Amazon Web Services account, which grants access to the spyware’s operations.
pcTattletale, a kind of remote access app often referred to as “stalkerware” for its ability to track people without their knowledge or consent, allows the person who planted the app to remotely view the target’s Android or Windows device and its data from anywhere in the world. pcTattletale says the app “runs invisibly in the background on their workstations and can not be detected.” Spyware apps are stealthy by nature, and as such are difficult to identify and remove.
Earlier this week TechCrunch revealed that pcTattletale was used to compromise the front desk check-in systems at several Wyndham hotels across the United States, which leaked screenshots of guest details and customer information. Wyndham would not say whether it authorized or allowed its franchised hotels to use the spyware app on its systems.
This is the latest example of a spyware maker losing control of the highly sensitive and personal data it collects from the devices of its targets. In recent years more than a dozen spyware and stalkerware companies have been hacked, or otherwise spilled victims’ private data — in some cases several times over — according to an ongoing tally by TechCrunch.
That list of hacked spyware makers includes LetMeSpy, a spyware made by a Polish developer, which shut down in June 2023 after its systems were hacked and its backend data deleted; and TheTruthSpy, a phone spyware operation created and operated by Vietnamese developers, which was hacked again in February. 
Other hacked spyware makers include KidsGuard, Xnspy, Support King, Spyhide — and now, pcTattletale.
Every weekday and Sunday, you can get the best of TechCrunch’s coverage.
Startups are the core of TechCrunch, so get our best coverage delivered weekly.
The latest Fintech news and analysis, delivered every Sunday.
TechCrunch Mobility is your destination for transportation news and insight.
By submitting your email, you agree to our Terms and Privacy Notice.
Last month, one of the Bay Area’s better-known early-stage venture capital firms, Uncork Capital, marked its 20th anniversary with a party in a renovated church in San Francisco’s SoMa neighborhood,…
The families of victims of the shooting at Robb Elementary School in Uvalde, Texas are suing Activision and Meta, as well as gun manufacturer Daniel Defense. The families bringing the…
Like most Silicon Valley VCs, what Garry Tan sees is opportunities for new, huge, lucrative businesses.
Everything in society can feel geared toward optimization – whether that’s standardized testing or artificial intelligence algorithms. We’re taught to know what outcome you want to achieve, and find the…
Miriam Vogel, profiled as part of TechCrunch’s Women in AI series, is the CEO of the nonprofit responsible AI advocacy organization EqualAI.
Google has been taking heat for some of the inaccurate, funny, and downright weird answers that it’s been providing via AI Overviews in search. AI Overviews are the AI-generated search…
When it comes to the world of venture-backed startups, some issues are universal, and some are very dependent on where the startups and its backers are located. It’s something we…
Welcome back to TechCrunch’s Week in Review — TechCrunch’s newsletter recapping the week’s biggest news. Want it in your inbox every Saturday? Sign up here. OpenAI announced this week that…
Accurate weather forecasts are critical to industries like agriculture, and they’re also important to help prevent and mitigate harm from inclement weather events or natural disasters. But getting forecasts right…
pcTattletale’s website was briefly defaced and contained links containing files from the spyware maker’s servers, before going offline.
Featured Article
Synapse’s bankruptcy shows just how treacherous things are for the often-interdependent fintech world when one key player hits trouble. 
Sarah Myers West, profiled as part of TechCrunch’s Women in AI series, is managing director at the AI Now institute.
Keeping up with an industry as fast-moving as AI is a tall order. So until an AI can do it for you, here’s a handy roundup of recent stories in the world…
Evan, a high school sophomore from Houston, was stuck on a calculus problem. He pulled up Answer AI on his iPhone, snapped a photo of the problem from his Advanced…
Welcome to Startups Weekly — Haje‘s weekly recap of everything you can’t miss from the world of startups. Sign up here to get it in your inbox every Friday. Well,…
Last year’s investor dreams of a strong 2024 IPO pipeline have faded, if not fully disappeared, as we approach the halfway point of the year. 2024 delivered four venture-backed tech…
Federal safety regulators have discovered nine more incidents that raise questions about the safety of Waymo’s self-driving vehicles operating in Phoenix and San Francisco.  The National Highway Traffic Safety Administration…
Terra One’s pitch deck has a few wins, but also a few misses. Here’s how to fix that.
Chinasa T. Okolo researches AI policy and governance in the Global South.
TechCrunch Disrupt takes place on October 28–30 in San Francisco. While the event is a few months away, the deadline to secure your early-bird tickets and save up to $800…
Another week, and another round of crazy cash injections and valuations emerged from the AI realm. DeepL, an AI language translation startup, raised $300 million on a $2 billion valuation;…
If raised, this new fund, the firm’s third, would be its largest to date.
About half a million patients have been notified so far, but the number of affected individuals is likely far higher.
Attention, tech enthusiasts and startup supporters! The final countdown is here: Today is the last day to cast your vote for the TechCrunch Disrupt 2024 Audience Choice program. Voting closes…
Featured Article
Among other things, Whittaker is concerned about the concentration of power in the five main social media platforms.
Lucid Motors is laying off about 400 employees, or roughly 6% of its workforce, as part of a restructuring ahead of the launch of its first electric SUV later this…
Google is investing nearly $350 million in Flipkart, becoming the latest high-profile name to back the Walmart-owned Indian e-commerce startup. The Android-maker will also provide Flipkart with cloud offerings as…
A Jio Financial unit plans to purchase customer premises equipment and telecom gear worth $4.32 billion from Reliance Retail.
Foursquare, the location-focused outfit that in 2020 merged with Factual, another location-focused outfit, is joining the parade of companies to make cuts to one of its biggest cost centers –…
“Running with scissors is a cardio exercise that can increase your heart rate and require concentration and focus,” says Google’s new AI search feature. “Some say it can also improve…
Powered by WordPress VIP

source
Sponsor:News technical sponsor
Sponsor:News AI sponsor
Sponsor: AI sponsor
Sponsor: AI sponsor

Leave a Comment

Vélemény, hozzászólás?

Az e-mail címet nem tesszük közzé. A kötelező mezőket * karakterrel jelöltük