pcTattleTale spyware leaks database containing victim screenshots, gets website defaced


The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device.

The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the target’s device. What goes around comes around, you might say. As you may have read many times before on our blog, some spyware companies have a surprisingly low standard of security .

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter


Related:

  • APT trends report Q3 2024

    November 28, 2024

    In the second half of 2022, a wave of attacks from an unknown threat actor targeted victims with a new type of attack framework that we dubbed P8. The campaign targeted Vietnamese victims, mostly from the financial sector, with some from the real estate sector. Later, in 2023, Elastic Lab published a report about an OceanLotus ...

  • 4 more nations sign on to US-led counter-spyware agreement

    September 23, 2024

    Austria, Estonia, Lithuania and the Netherlands on Sunday joined a U.S.-led pact designed to deter global spyware abuses, marking 21 nations signing onto the agreement after the alliance began with 11 participants in March of last year. The add-ins were fleshed out on the sidelines of the United National General Assembly, a State Department release said. ...

  • Internet surveillance firm Sandvine says it’s leaving 56 ‘non-democratic’ countries

    September 20, 2024

    Sandvine, the makers of surveillance-ware that allowed authoritarian countries to censor the internet and spy on their citizens, announced that it is leaving dozens of “non-democratic” countries as part of a major overhaul of the company. The company, which was founded in Canada, published a statement on Thursday, claiming that it now wants to be “a ...

  • President Urges Colombians to Check Their Phones for Pegasus Spyware

    September 10, 2024

    “Anyone who suspects illegal infection of their phones can consult this page or use the government service we will provide. I urge young people, especially those connected to youth leaders who disappeared or died during the strike, to use these services,” he stated on X. Last week, Petro revealed that the police purchased the Israeli company ...

  • US sanctions fail to deter Predator spyware utilization

    September 6, 2024

    Intellexa Group’s Predator spyware has experienced a resurgence in activity following a decline spurred by sanctions imposed by the Biden administration, reports The Record, a news site by cybersecurity firm Recorded Future. Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and ...

  • State-backed attackers and commercial surveillance vendors repeatedly use the same exploits

    August 29, 2024

    Google’s Threat Analysis Group (TAG) observed multiple in-the-wild exploit campaigns, between November 2023 and July 2024, delivered from a watering hole attack on Mongolian government websites. The campaigns first delivered an iOS WebKit exploit affecting iOS versions older than 16.6.1 and then later, a Chrome exploit chain against Android users running versions from m121 to m123. ...