Hacker Defaces Spyware Tool Website, Leaks Database and Source Code

A threat actor has breached and defaced the website of pcTattletale spyware application and dumped numerous archives containing source code and databases.

The tool was reportedly found on the booking systems of numerous Wyndham hotels in the United States. Despite the efforts of its developers to disguise it as “employee and child monitoring software,” pcTattletale’s true nature harbored a darker secret: due to an API vulnerability, the tool leaked private guest information harvested from the hotels’ check-in platforms.

Spyware Discovered in Hotel Booking Systems

Security researcher Eric Daigle identified the spyware in the hotel’s systems and published a comprehensive blog post about the findings. The post demonstrated that the tool can be weaponized to access screenshots it takes from people using their devices.

“I recently discovered a serious vulnerability in PCTattletale's API allowing any attacker to obtain the most recent screen capture recorded from any device on which PCTattletale is installed,” Daigle said in his blog post.

Flaw Still Hasn’t Been Patched

The researcher also tried to contact the developers to inform them about the shortcoming but got no response. Consequently, the flaw still hasn’t been patched, leaving the door open for potential threat actors to access sensitive data from users monitored with pcTattletale.

Although Daigle disclosed only minimal details about the critical vulnerability, it prompted someone to deface the spyware app’s website and leak 20 archives filled with source code and data harvested from its databases.

Hacker Defaced Spyware App’s Website and Leaked Data Trove

According to the hacker’s statement on the defaced website, they didn’t exploit the vulnerability Daigle discovered. Instead, the hacker claims to have extracted pcTattletale’s AWS credentials using a Python exploit.

In the meantime, the website has been taken offline and the data dump, consisting of device information, SMS texts and MD5 hashed passwords, has been added to the Have I Been Pwned data breach notification service.

Keeping Safe Against Spyware and Other Intrusions

Dedicated software such as Bitdefender Ultimate Security can keep spyware and other intrusions at bay. It encompasses advanced security features, including a comprehensive 24/7 monitoring and defense module, a network threat prevention module, and behavioral detection technology that takes instant action upon discovering suspicious activity in active apps.

Furthermore, Bitdefender Digital Identity Protection provides you with an extensive overview of your online data, including traces from no-longer-used services, notifies you instantly if your data has been leaked in a breach, and helps you patch holes in your digital footprint effortlessly.