Spyware maker pcTattletale shutters after data breach



The founder of the spyware app pcTattletale said his company is “out of business and completely done” following a data breach over the weekend.

The shutdown comes days after a hacker defaced the spyware maker’s website and published links containing large amounts of data from pcTattletale’s servers, including databases of customers’ information and some victims’ stolen data.

pcTattletale was a remote surveillance app — often known as “stalkerware” for its ability to track people without their knowledge — that allowed the person who planted the app to remotely view screenshots of the victim’s Android or Windows device and its private data from anywhere in the world. pcTattletale advertised its spyware app as a way to monitor employees, but also openly promoted its ability to snoop on spouses and domestic partners without their consent, which is illegal. 

The now-defunct app had 138,000 customers who had signed up to use the service, per data breach notification site Have I Been Pwned.

On the defaced website, the hacker said pcTattletale’s servers could be tricked into turning over the private keys for its Amazon Web Services account, which the spyware maker used to store hundreds of millions of screenshots of the devices the spyware was planted on.

pcTattletale’s website remains offline at the time of writing.

pcTattletale founder Bryan Fleming told TechCrunch in a text message on Tuesday that he no longer has access to the company’s Amazon Web Services account.

“I deleted everything because the data breach could have exposed my customers,” said Fleming.

“The account is closed [and] the servers are deleted,” said Fleming.

An analysis of the exposed data shows that pcTattletale stored on its Amazon S3 storage server more than 300 million screenshots of victims’ devices dating back years. TechCrunch independently confirmed that there were publicly accessible screenshots from pcTattletale-monitored devices online.

It looks as if Amazon may have taken action against the spyware maker. The Amazon S3 storage server pcTattletale used to store device screenshots now reads “AllAccessDisabled,” an error code that Amazon uses to block all access to a customer’s account, including the customer, whose only recourse is to contact Amazon “for further assistance.” However, Fleming would not address the question of whether AWS had shut it down, and AWS spokesperson Grant Milne would not say, either. 

Fleming said he did not keep a copy of the data, and did not explain the company deleted the data without first notifying those whose information was exposed in the data breach. He stopped responding to our inquiries.

pcTattletale’s situation is not unique: Spyware apps are notoriously buggy and are known to leak or spill data. Federal regulators have in the past banned stalkerware makers from the surveillance industry for inadequate security practices. 

When asked about pcTattletale, FTC spokesperson Juliana Gruenwald Henderson said the agency does not comment on whether it is investigating a certain matter.

Other spyware makers have shut down after similar breaches. Polish-developed spyware LetMeSpy shut down in June 2023 after its systems were hacked and its customers’ data deleted, and spyware apps PhoneSpector and Highster shut down following a New York state investigation.




Source