pcTattletale spyware site hacked, data and source leaked
Take action: If you are making any software apply good security practices in your coding and API design. But this is especially important if you are developing spyware, since everyone will be looking for your mistakes. You have no friends.
Learn More
The pcTattletale spyware application, found at several Wyndham hotels in the U.S., has been targeted by a hacker who defaced its website and leaked over a dozen archives containing its database and source code.
This follows previous reports that the app, marketed as "employee and child monitoring software," was leaking real-time screenshots from Android devices due to a security flaw.
The hacker who defaced the site used a Python exploit to extract pcTattletale’s AWS credentials via its SOAP-based API, allowing access to the spyware’s source code and databases.
Previously, security researchers have discovered another an API vulnerability in pcTattletale that allows any attacker to access the most recent screenshots recorded by the spyware on any device. This vulnerability is distinct from a previously discovered Insecure Direct Object Reference (IDOR) flaw and makes it easy to retrieve captures from other devices. Despite attempts to notify pcTattletale’s developers, no action has been taken to address the issue.
Update - As of 29th of May 2024, the founder of Bryan Fleming pcTattletale claims he has deleted everything because the data breach could have exposed customers. This includes all S3 data and servers.
Microsoft tracks pcTattletale as a threat, noting it records user activities, such as keystrokes and screen images, and attempts to steal sensitive information. The current unresolved vulnerability continues to allow unauthorized access to sensitive information of users being monitored by pcTattletale.
