(844) 627-8267
(844) 627-8267

Spyware firm ‘out of business’ after data leaked on own site by hacker | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Spyware firm ‘out of business’ after data leaked on own site by hacker

A cyber attack on spyware app pcTattletale has killed the business, according to the company’s founder.

The company, which advertises itself as an employee and child monitoring service, is a consumer grade spyware or “stalkerware” app that allows users to monitor other devices by seeing screenshots of victim Android or Windows devices. Programs like pcTattletale can and have been used for nefarious purposes, monitoring victim devices to collect data or for snooping on spouses without consent.

Just days ago, the company’s website was defaced by a hacker, who published links containing data exfiltrated from tattletale’s servers. Data included customer data and data stolen from victims of the program. According to Have I Been Pwned via TechCrunch, the program had 138,000 customers.

Additionally, the hacker said that the programs servers could be fooled into handing over Amazon Web Services private keys. With this, the hacker was able to access the Amazon S3 storage used by pcTattletale and the 300 million screenshots stored on it.

The hacker did not disclose the reasoning for the attack.

Speaking with TechCrunch, company founder Bryan Fleming says that he is now unable to access the Amazon Web Service account.

“I deleted everything because the data breach could have exposed my customers,” he said.

“The account is closed; the servers are deleted.”

Fleming did not explain why the data was deleted without customers first being notified, and added that he did not keep a copy of the data. TechCrunch says he then stopped responding to inquiries.

pcTattletale had been at risk for some time, with a security researcher releasing a report not long before the breach outlining a vulnerability in which targeted devices could leak screenshots. However, the hacker did not exploit this vulnerability.

The pcTattletale website was taken offline 20 hours after the breach. It is still inaccessible at the time of writing.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.


Click Here For The Original Story From This Source.


National Cyber Security