Spyware found on US hotel check-in computers
The app, called pcTattletale, stealthily and continually captured screenshots of the hotel booking systems, which contained guest details and customer information. Thanks to a security flaw in the spyware, these screenshots are available to anyone on the internet, not just the spyware’s intended users.
This is the most recent example of consumer-grade spyware exposing sensitive information because of a security flaw in the spyware itself. It’s also the second known time that pcTattletale has exposed screenshots of the devices on which the app is installed. Several other spyware apps in recent years had security bugs or misconfigurations that exposed the private and personal data of unwitting device owners, in some cases prompting action by government regulators.
Guest and reservation details captured and exposed
pcTattletale allows whoever controls it to remotely view the target’s Android or Windows device and its data, from anywhere in the world. pcTattletale’s website says the app ‘runs invisibly in the background on their workstations and can not be detected.’
But the bug means that anyone on the internet who understands how the security flaw works can download the screenshots captured by the spyware directly from pcTattletale’s servers.
Daigle said he attempted to warn pcTattletale of the issue, but the company has not responded, and the flaw remains unfixed at the time of publication. Daigle disclosed limited details of pcTattletale’s leaking screenshot bug in a short blog post, without providing specifics so as to not help bad actors take advantage of the flaw.
Daigle said pcTattletale periodically takes new screenshots of the device that the app is running on, sometimes every few seconds.
Another screenshot showed access to a third Wyndham hotel’s check-in system, which at the time was logged into Booking.com’s administration portal used to manage a guest’s reservation.
It’s not known who planted the app or how the app was planted — for example, if hotel employees were tricked into installing it, or if the hotel owner intended the spyware to be used to monitor employee behavior. pcTattletale markets itself as a way to monitor employees, among other uses.
‘Some of our accommodation partners have unfortunately been targeted by very convincing and sophisticated phishing tactics, encouraging them to click on links or download attachments outside of our system that enable malware to load on their machines and in some cases, lead to unauthorized access to their Booking.com account,’ said Angela Cavis, a spokesperson for Booking.com. ‘These bad actors then attempt to impersonate the partner (or even Booking.com) — sometimes very convincingly — to request payment from customers outside of the policy in their booking confirmation.’
BBC News reported last December that cybercriminals had obtained access to the administration portals of individual hotels that use Booking.com. With this access, the criminals then sent messages to customers from the company’s app to trick them into paying them instead of the hotel.
It’s not known if pcTattletale or other spyware is linked to previous incidents, and Booking.com said it was investigating.
‘All tracks covered’
There is a long history of stalkerware apps that ostensibly market themselves for legitimate uses — tracking your own children is legal in the United States — but also promote, or outright say, that the apps can be used to target people without their knowledge, often spouses and domestic partners, which is unlawful.
pcTattletale is sold under the guise of child and employee monitoring software, but the company also promotes its app for use against ‘spouses who worry that their partner might be cheating.’
pcTattletale also offers a service called ‘We Do It For You,’ which the company says will help install the spyware on the target’s computer on the customer’s behalf.
‘We put pcTattletale on their Windows Computer for you. Just pick a time,’ pcTattletale’s website tells customers inside its members’ portal. ‘You will get an email with instructions for us to access their computer. It takes us about 10 minutes. No traces left behind. All tracks covered.’ The customer is then sent a link ‘for our techncian [sic] to access the computer.’
Reference: https://techcrunch.com/2024/05/22/spyware-found-on-hotel-check-in-computers/