Summarize

Simplifying... Inshort

US spyware app pcTattletale, often dubbed as "stalkerware" for its covert surveillance capabilities, has suffered a data breach.
The breach came after the company ignored a reported vulnerability that could leak screenshots from the devices it was installed on.
The hacker, however, exploited the company's servers to gain access, rather than the reported vulnerability.
The founder, Bryan Fleming, has remained silent post-breach, raising concerns about the company's communication during the ongoing outage.

Was a long read? Making it simpler...

Next Article

Internal data was published on pcTattletale's website itself

US spyware app pcTattletale suffers data breach

By Akash Pandey

May 26, 2024

01:22 pm

What's the story

The US-based spyware app, pcTattletale, has been hacked with its internal data published on its own website. A hacker claimed responsibility for the breach and posted a message on the company's website stating he had successfully infiltrated the servers containing pcTattletale's operations. For a brief period, links to files from the company's servers were visible on the site, potentially exposing victims' stolen data.

Stalkerware function

pcTattletale's role as "Stalkerware"

pcTattletale is a consumer-grade remote access app, which is often referred to as "stalkerware" due to its ability to track individuals without their knowledge or consent. The app allows users to remotely view data from Android or Windows devices from anywhere in the world. pcTattletale says the app "runs invisibly in the background on their workstations and can not be detected," making it a popular choice among users for covert surveillance.

Information

Founder remains silent post-breach

Bryan Fleming, the founder of pcTattletale, has yet to comment on the incident. His silence raises questions about his ability to receive emails due to the company's ongoing outage. The hacker responsible for the breach did not provide any specific motivation for their actions.

Ignored warning

Breach follows unaddressed vulnerability report

The breach occurred shortly after security researcher Eric Daigle reported a vulnerability in the spyware app. This flaw reportedly allowed the app to leak screenshots of the devices it was installed on. Daigle refrained from publishing specific details of this flaw as pcTattletale ignored his requests to rectify the vulnerability. Note that the hacker did not exploit this discovered vulnerability for the breach.

Information

Hacker claims exploitation of pcTattletale's servers

The hacker who compromised pcTattletale's website claimed to have manipulated the company's servers. He stated that pcTattletale's servers could be tricked into revealing the private keys for its Amazon Web Services account, granting access to the spyware's operations.