A hacker has defaced the web site of the pcTattletale adware software, discovered on the reserving techniques of a number of Wyndham inns in the US, and leaked over a dozen archives containing database and supply code knowledge.
As Vice reported three years in the past, this stalkerware app was additionally discovered leaking real-time screenshots from Android telephones.
Described by its builders as an “employee and child monitoring software,” pcTattletale is a consumer-grade adware answer that was leaking visitor particulars and buyer data captured from the inns’ check-in techniques due to an API safety vulnerability, based on TechCrunch.
Safety researcher Eric Daigle discovered the adware within the lodge’s techniques and printed a weblog put up explaining that the pcTattletale flaw he found can be utilized to entry screenshots the malware makes on different units.
“I recently discovered a serious vulnerability in PCTattletale’s API allowing any attacker to obtain the most recent screen capture recorded from any device on which PCTattletale is installed. It is distinct from the IDOR previously discovered by Jo Coscia, and makes it trivial to actually obtain captures from other devices,” Daigle stated.
“Unfortunately, PCTattletale have ignored Zack and I’s attempts at contacting them to fix the issue, so I can’t give any more details here to avoid encouraging abuse of the vulnerability. Hopefully the stalkerware author(s) can be bothered to fix the issue soon, at which point I can give a full writeup.”
In a YouTube video from seven years in the past, pcTattletale’s developer Bryan Fleming describes it as “Spy Software” whereas introducing its first Android check model.
“Download a free trial and put it on your Windows Home PC and watch how it works. It’s pretty amazing how it does a recording of keystrokes and you can see anything your kids are doing on the computer or your employees,” Fleming says within the video.
Whereas he describes it as spy software program, Microsoft tracks pcTattletale as a menace and says it “watches what you do on your PC, usually by recording your keystrokes or screen images” and it “tries to steal your sensitive and confidential information.”
Daigle’s makes an attempt to contact the builders to repair the safety flaw failed, and the vulnerability nonetheless permits entry to delicate data belonging to customers stalked utilizing the pcTattletale adware.
Whereas the safety researcher solely shared a restricted quantity of information relating to this extreme flaw, somebody took it as a problem, defacing the adware’s web site and leaking 20 archives containing supply code and knowledge dumped from pcTattletale’s databases.
Nonetheless, as the hacker says on the now-defaced web site, he did not exploit the vulnerability Daigle discovered. As a substitute, he claims he used a Python exploit to extract pcTattletale’s AWS credentials by way of its SOAP-based API, which supplied entry to the adware’s supply code and databases.
BleepingComputer reached out to Fleming with additional questions, however a response was not instantly out there.
