Skip to content

Spyware discovered in Wyndham Hotel systems; leaks guest info

  • by
  • 3 min read

The check-in systems of three Wyndham hotels across the United States have been compromised by a consumer-grade spyware app called pcTattletale. The spyware, which captures screenshots of hotel booking systems and exposes sensitive guest details, has a security flaw that makes these screenshots accessible to anyone online.

The spyware operates on Android and Windows devices, capturing and transmitting screenshots without detection. This flaw has allowed for the inadvertent exposure of guest information, including names, reservation details, and partial payment card numbers. This incident marks the second time pcTattletale has been found leaking screenshots due to security vulnerabilities.

Security researcher Eric Daigle uncovered the breach while investigating consumer-grade spyware. Daigle found that the screenshots captured by pcTattletale, intended for the spyware’s user, were accessible to anyone who knew how to exploit the flaw. Despite attempts to inform pcTattletale of the issue, the company has not responded, leaving the vulnerability unaddressed.

“I recently discovered a serious vulnerability in PCTattletale’s API, allowing any attacker to obtain the most recent screen capture recorded from any device on which PCTattletale is installed,” explains Daigle.

What is a spyware, how does it affect a device and how to counter it?
It is still unclear who planted the spyware and for what purpose.

When TechCrunch obtained the screenshot from the compromised hotel systems, they noticed guest information and partial financial information on portals provided by travel tech giant Sabre and Booking.com. It remains unclear who planted the spyware or for what purpose, though pcTattletale markets itself as a tool for employee monitoring.

A manager at one of the affected Wyndham hotels expressed surprise, stating they were unaware of the spyware’s presence on their systems. Other hotel managers did not respond to TechCrunch’s enquiries. Wyndham’s spokesperson emphasised the independent ownership and operation of their hotels without confirming the awareness or approval of pcTattletale’s use.

Booking.com confirmed that their systems were not compromised but acknowledged the threat posed by cybercriminals starting hote systems through sophisticated phishing attacks.

The pcTattletale incident highlights the broader issue of spyware marketed under the guise of legitimate uses, such as child and employee monitoring, being misused for illegal surveillance. These apps, often called stalkerware, can track individuals without their knowledge or consent, raising significant privacy concerns.

In the News: WhatsApp chats are vulnerable to surveillance despite encryption

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

Related Reads

This is an image of ransomware 32988sd

Retail giant breach affects 2.2 million customers

This is an image of aeroplane airplane

Alaska Airlines subsidiary hit by cyber attack

This is an image of dark web hacker security

French police nab 4 for alleged involvement in underground hacking forum

Illustration: jmiks | shutterstock

Ransomware attack on health facility leads to patient’s death

This is an image of hacked security privacy

Hackers are stealing VPN logins with fake versions of SonicWall’s VPN

This is an image of brother printer featured 811

Millions of Brother printers found vulnerable to hacks

>