Consumer-Grade Spyware Discovered on Check-in Computers in US Hotels

An investigation by TechCrunch has revealed the presence of a consumer-grade spyware app running on the check-in systems of three Wyndham hotels in the United States.

The app, known as pcTattletale, was found to be covertly capturing screenshots of the hotel booking systems, which contained sensitive guest details and customer information. Due to a security flaw in the spyware, these screenshots were accessible to anyone on the internet, not just the intended users of the spyware.

This incident highlights the ongoing issue of consumer-grade spyware exposing confidential information due to security vulnerabilities within the spyware itself. It is the second known instance of pcTattletale exposing screenshots of devices where the app is installed. Several other spyware apps in recent years have also had security flaws or misconfigurations that compromised the private data of device owners, prompting regulatory action.

Guest and reservation details captured and exposed

pcTattletale allows remote viewing of Android or Windows devices and their data from anywhere in the world by those in control of the app. The spyware operates invisibly in the background on target workstations and cannot be detected, according to pcTattletale's website. However, the security flaw allowed anyone with knowledge of the flaw to download captured screenshots directly from pcTattletale's servers.

Security researcher Eric Daigle discovered the compromised hotel check-in systems while investigating consumer-grade spyware. These apps, often known as "stalkerware," can be used to track individuals, including partners and spouses, without their knowledge or consent.

Daigle attempted to notify pcTattletale of the issue, but the company did not respond, and the vulnerability remains unresolved. Daigle disclosed limited details of the screenshot leak bug in a blog post to prevent malicious actors from exploiting the flaw.

Screenshots from the Wyndham hotels showed guest names, reservation details, and partial payment card numbers on a web portal provided by travel technology company Sabre. Another screenshot revealed access to a third Wyndham hotel's check-in system, which was logged into Booking.com's administration portal.

The origin of the spyware on the hotel computers is unknown, raising questions about how it was installed and whether it was used for monitoring employee behavior. pcTattletale markets itself as an employee monitoring tool, among other purposes.

Booking.com stated that its systems were not compromised by the spyware but highlighted the targeting of hotel systems by cybercriminals to gain unauthorized access.

“All tracks covered”

pcTattletale is promoted as child and employee monitoring software but also supports its use against suspicious spouses. The company offers spyware apps for Android and Windows, requiring physical access to the target device for installation.

pcTattletale's "We Do It For You" service assists with installing the spyware on the target's device on behalf of the customer, ensuring no traces are left behind. Founder Bryan Fleming did not respond to requests for comment.


To contact this reporter, reach out on Signal and WhatsApp at +1 646-755-8849 or via email. Files and documents can also be sent via SecureDrop.
