The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device. The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the target’s device.<\/p>\n
What goes around comes around, you might say. As you may have read many times before on our blog, some spyware companies have a surprisingly low standard of security .<\/p>\n
In 2021, we reported<\/a> that \u201cemployee and child-monitoring\u201d software vendor pcTattleTale hadn\u2019t been very careful about securing the screenshots it sneakily took from its victims\u2019 phones. A security researcher<\/a> found an issue while using a trial version of pcTattleTale, noticing that the company uploaded the screenshots to an unsecured online database (meaning anyone could view the screenshots as they weren’t protected by any form of authentication\u2014such as a user name and password).<\/p>\n Last week another security researcher, Eric Daigle, found<\/a> the company appears to have learned nothing from its previous security issue. Daigle found that pcTattleTale’s Application Programming Interface (API) allows any attacker to access the most recent screen capture recorded from any device on which the spyware is installed. Despite repeated warnings from Daigle and others, no improvements were made. <\/p>\n Then, yet another researcher found yet another bug in pcTattletale which allowed them to gain full access to the backend infrastructure. This allowed them to deface the website and steal the AWS credentials which turned out to be the same for all devices. Amazon has now locked pcTattletale’s entire AWS infrastructure.<\/p>\n After a quick sweep, stalkerware researcher, Maia Crimew stated<\/a>:<\/p>\n \u201cpcTattletale currently holds over 17 terabytes of victim device screenshots (upwards of 300 million of them from over 10 thousand devices), with some of them dating back to 2018.\u201d<\/p>\n<\/blockquote>\n According to 2023 research from Malwarebytes<\/a>, 62 percent of people in the United States and Canada admitted to monitoring their romantic partners online in one form or another, from looking through a spouse\u2019s or significant other\u2019s text messages, to tracking their location, to rifling through their search history, to even installing monitoring software onto their devices.<\/p>\n Given the low security of the apps available<\/a> to home users, this is extremely concerning. Installing monitoring software is not just a huge invasion of privacy, there is a big chance that it will backfire. <\/p>\n Malwarebytes, as one of the founding members of the Coalition Against Stalkerware<\/a>, makes it a priority to detect and remove stalkerware-type apps from your device. It is good to keep in mind however that by removing the stalkerware-type app you will alert the person spying on you that you know the app is there.<\/p>\n Because the apps install under a different name and hide themselves from the user, it can be hard to find and remove them.\u00a0That is where\u00a0Malwarebytes<\/a>\u00a0can help you.<\/p>\n If malware is detected you can act on it in the following ways:<\/p>\n On Windows machines Malwarebytes detects pcTattleTale as PUP.Optional.PCTattletale.<\/p>\n We don\u2019t just report on phone security\u2014we provide it<\/strong><\/p>\n Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by\u00a0downloading Malwarebytes for iOS<\/a>, and Malwarebytes for Android<\/a> today.<\/p>\n\n
Removing stalkerware<\/h2>\n
\n
\n
\n