Bye Bye pcTattletale - When your SHIT hits the fan

Bye Bye pcTattletale - When your SHIT hits the fan

Over the last week, I enjoyed seeing how a stupid stalkerware provider was completely knocked out.

It all started on the 22nd of May, when TechCrunch reported about "Spyware found on US hotel check-in computers".

A week before the security researcher Eric Daigle contacted TechCrunch about the issue. Through an IDOR Eric was able to retrieve arbitrary screenshots of tracked devices.

Eric and TechCrunch tried to contact the provider / developers without any response.

Story could be over here. However, some parts of the Internet don't like stalkerware shit at all. Just search for #FuckStalkerware

So again, more people took a look at the crappy software. TLDR: It didn't end well.

Creating a dirty stalking app doesn't automatically mean that you have also a decent security awareness. As it turns out the crappy SOAP backend is sending you the AWS root-level credentials when registering a new stalking device. Who have thought, that this is a stupid idea. How we know about this? The perpetrator defaced pctattletale.com with the exact description how he did it.

Throughout the whole shitshow it also turned out, that the mastermind behind the crappy stalkerware infected himself to test / eat his own shit. This allowed the world to see how he miserably tried to recover it.

a glitchy edited screenshot of filezilla
Live Screenshot from the infected mastermind 💩

Btw. it has also been revealed that since 2011 a webshell was placed on the system, so you can be quite sure that some threat actor used the information for their needs.

Finally, on 27th of May TechCrunch reported: "Spyware maker pcTattletale says it’s ‘out of business’ and shuts down after data breach"

Case Closed :D Hopefully 😝

References:

Eric Daigle
Eric Daigle’ personal website
EXCLUSIVE: Spyware found on US hotel check-in computers
The check-in computers at several hotels around the U.S. are running a remote access app, which is leaking screenshots of guest information to the internet.
Spyware app pcTattletale was hacked and its website defaced | TechCrunch
pcTattletale’s website was briefly defaced and contained links containing files from the spyware maker’s servers, before going offline.
Spyware maker pcTattletale says it’s ‘out of business’ and shuts down after data breach | TechCrunch
The spyware maker’s founder, Bryan Fleming, said pcTattletale is “out of business and completely done,” following a data breach.
#FuckStalkerware pt. 6 - tattling on pcTattletale
spy gets hacked while spying on himself, hilarity ensues
PwnedTattletale