Spyware app pcTattletale was hacked and its website defaced

U.S.-made consumer-grade spyware app pcTattletale has been hacked and its internal data published to its own website, according to a hacker who claimed responsibility for the breach.

The hacker posted a message on pcTattletale's website late Friday, claiming to have hacked the servers containing pcTattletale's operations. The spyware maker's website briefly had links to files from its servers, which appeared to include some victims' stolen data. TechCrunch is not linking to the site given the ongoing risk to victims, whose private data has already been compromised by the spyware.

pcTattletale's founder Bryan Fleming did not return an email requesting comment. It's not clear if Fleming can receive email due to his company's ongoing outage.

The hacker did not provide a specific motivation for the breach. The hack comes several days after a security researcher said he found and reported a vulnerability in the spyware app, which leaks the screenshots of the devices it was planted on. The researcher, Eric Daigle, said he did not publish specific details of the flaw because pcTattletale ignored requests to fix the vulnerability.

The hacker who compromised and defaced pcTattletale's website did not exploit the vulnerability that Daigle found but said pcTattletale's servers could be tricked into turning over the private keys for its Amazon Web Services account, which grants access to the spyware's operations.

pcTattletale, a kind of remote access app often referred to as "stalkerware" for its ability to track people without their knowledge or consent, allows the person who planted the app to remotely view the target’s Android or Windows device and its data from anywhere in the world. pcTattletale says the app "runs invisibly in the background on their workstations and cannot be detected." Spyware apps are stealthy by nature, and as such are difficult to identify and remove.

Earlier this week, TechCrunch revealed that pcTattletale was used to compromise the front desk check-in systems at several Wyndham hotels across the United States, which leaked screenshots of guest details and customer information. Wyndham would not say whether it authorized or allowed its franchised hotels to use the spyware app on its systems.

This is the latest example of a spyware maker losing control of the highly sensitive and personal data it collects from the devices of its targets. In recent years, more than a dozen spyware and stalkerware companies have been hacked or otherwise spilled victims' private data — in some cases several times over — according to an ongoing tally by TechCrunch.

That list of hacked spyware makers includes LetMeSpy, a spyware made by a Polish developer, which shut down in June 2023 after its systems were hacked and its back-end data deleted; and TheTruthSpy, a phone spyware operation created and operated by Vietnamese developers, which was hacked again in February.

Other hacked spyware makers include KidsGuard, Xnspy, Support King, Spyhide — and now pcTattletale.

If you or someone you know needs help, the National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence. If you are in an emergency situation, call 911. The Coalition Against Stalkerware has resources if you think your phone has been compromised by spyware.