pcTattletale – Tracking application hacked, website attacked

An American consumer spyware application called pcTattletale was hacked and its internal data was published on its website. The hacker responsible for the attack posted a notice on pcTattletale’s website on Friday night, claiming to have hacked the servers where the app operates. Within a short time, pcTattletale’s website appeared with links containing files from their servers, which appeared to include some of the victim’s stolen data.

Currently, it is unclear whether pcTattletale founder, Mr. Bryan Fleming, received an email requesting comment on the incident due to the disruption to the company’s operations. The attacker did not reveal a specific reason for this action.

The attack occurred just a few days after a security expert discovered and reported a vulnerability in the spy application itself, allowing bad guys to steal screenshots of the device it was installed on. This expert, Mr. Eric Daigle, said he did not publicly disclose details about the vulnerability because pcTattletale ignored the patch request. The attacker who infiltrated and defaced pcTattletale’s website did not exploit the vulnerability Daigle found, but said an attacker could trick pcTattletale’s servers to obtain private keys for Amazon Web Services accounts. company, which allows access to spyware operations.

pcTattletale, a type of remote access application often called “stalkerware” for its ability to spy on others without their knowledge or consent, allowing the person installing the application to view remotely victim’s Android or Windows device and the data on it, wherever in the world. pcTattletale advertises that the app “runs in the background on their device and is undetectable.” The nature of spy apps is that they operate secretly, so they are difficult to identify and remove.

Previously, Techlade revealed that pcTattletale was used to infiltrate the front desk check-in system at several Wyndham hotels across the US, leading to the leak of screenshots containing detailed information. of cutomer. Wyndham did not disclose whether it allows its franchised hotels to use spy apps on their systems.

This is the latest case of a spyware maker losing control over the extremely sensitive and private data it collects from its targets’ devices. According to Techlade’s updated statistics, in recent years, more than a dozen spyware and stalkerware companies have been attacked or exposed victims’ private data – in some cases, this happened many times.

The list of hacked spyware makers includes LetMeSpy, a spyware created by a Polish developer that closed in June 2023 after its systems were hacked and data was taken. whether the platform is removed; and TheTruthSpy, a phone spyware operation built and operated by Vietnamese developers, continued to be attacked in February.

Other spyware manufacturers attacked include KidsGuard, Xnspy, Support King, Spyhide – and now pcTattletale.