Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security

Spyware Found on US Hotel Check-in Computers (techcrunch.com) 24

A consumer-grade spyware app has been found running on the check-in systems of at least three Wyndham hotels across the United States, TechCrunch reported Wednesday. From the report: The app, called pcTattletale, stealthily and continually captured screenshots of the hotel booking systems, which contained guest details and customer information. Thanks to a security flaw in the spyware, these screenshots are available to anyone on the internet, not just the spyware's intended users.

This is the most recent example of consumer-grade spyware exposing sensitive information because of a security flaw in the spyware itself. It's also the second known time that pcTattletale has exposed screenshots of the devices that the app is installed on. Several other spyware apps in recent years had security bugs or misconfigurations that exposed the private and personal data of unwitting device owners, in some cases prompting action by government regulators. pcTattletale allows whomever controls it to remotely view the target's Android or Windows device and its data, from anywhere in the world. pcTattletale's website says the app "runs invisibly in the background on their workstations and can not be detected."

This discussion has been archived. No new comments can be posted.

Spyware Found on US Hotel Check-in Computers

Comments Filter:
  • by geekmux ( 1040042 ) on Wednesday May 22, 2024 @04:15PM (#64491667)

    When spyware leaks information, it's most definitely a feature.

    Calling that shit a "bug" is like making the race car faster and calling it a "mistake".

    • It's spyware in that it is used to record the activity on the computer. But it's supposed to be only accessible to the computer's owner, in this case Wyndham management, who put it there to spy on employees. The real question is, is this covered by pcTattletale's 60 day money back guarantee? :-P
      • The real question is, is this covered by pcTattletale's 60 day money back guarantee? :-P

        But of course! Guaranteed to Tattle or Tell, or your money back. Heh, thanks for the laugh.

    • The app, called pcTattletale, stealthily and continually captured screenshots of the hotel booking systems, which contained guest details and customer information.

      Now there's the mistake, if you do this exact thing but call it "Windows Recall" instead of "pcTattletale" then it's all legit and above board.

    • "When spyware leaks information, it's most definitely a feature."

      When spyware leaks information to someone who isn't paying, it's a bug.

      "making the race car faster and calling it a "mistake"."

      Major racing series are heavily involved in limiting the performance of the cars involved. If your racecar goes faster that's called "cheating".

  • in how many mundane businesses think this is an appropriate way to monitor employees? Guessing this is more widespread than has been reported up till now. Why not use the same software one uses to spy on the untrusted in one's personal life to also spy on your employees? What could go wrong?
    • remote desktop / remote management tools can view what they are doing as well.

    • It's advertised as both employee and child monitoring, so businesses are clearly part of pcTattletale's target audience.
  • Windows Recall (Score:5, Insightful)

    by LuniticusTheSane ( 1195389 ) on Wednesday May 22, 2024 @04:34PM (#64491733)
    This is just a preview of what will happen with Windows Recall.
    • This is why Recall has been created, to steal screenshots to train their AI models. As a bonus spyware peddlers won't have to work as much.

  • Is managementware worse than regular spyware?

  • by usedtobestine ( 7476084 ) on Wednesday May 22, 2024 @05:07PM (#64491831)

    Isn't Microsoft Window going to start doing this by default?

  • by sarren1901 ( 5415506 ) on Wednesday May 22, 2024 @06:12PM (#64491983)

    Sounds like Windows Recall, that wants to take snapshots of your desktop every couple seconds, save it to disk and let's you I guess mess with the saved picture. So this just a buggy alpha release of that software, leaking stuff to the Internet.

    Have fun with that, you Windows users.

  • It would be of interest to know the infection vector of this spyware on Android or Windows systems.
  • So someone can find out I stayed at that crappy little hotel in Anaheim, entirely too far away from Blizzcon? (And met that pretty Special Ops veteran girl and her two-wheel electric whatever? Sigh ...)

    I'm doomed, truly.

  • A coworker was planning a holiday, and they got a phishing email that had the details of their trip - their name and flight. It was an email saying their flight had changed and they needed to confirm the new flight details immediately or they wouldn't be allowed to board.

    In other words, it was worded like a typical phishing email, but it had his name and flight details. He checked the link and it was a fake link so he knew it wasn't real.

    But that one was scary in that it had the details and no one could fig

Any circuit design must contain at least one part which is obsolete, two parts which are unobtainable, and three parts which are still under development.

Working...