Stalkerware can be used to keep track of employees, family members, or anyone else. And this data can be accessed by cybercriminals too…
Invasive software is nothing new, but the ongoing transition to remote work, coupled with technological innovation, has led to some truly extraordinary solutions, inspiring what appears to be a renaissance of sorts in the monitoring software field.
Monitoring software is any type of software one person uses to keep an eye on somebody else, usually an employee or a child. But the line between monitoring and surveillance has been blurred, with increasingly intrusive products hitting the market.
Enter pcTattletale. So what is it? And why does it pose such a security risk to users with Android devices?
As the name suggests, pcTattletale is a rather aggressive surveillance tool.
On its official website, pcTattletale boasts that it "runs invisibly in the background on their devices and can not be detected"—"they" presumably being your employee, child, or spouse.
"They will have no idea you are able to see everything they do," the company says, claiming that its tool makes YouTube-like real time videos of the target's screen. "Just watch the recordings from your phone or computer using your secure pcTattletale account as they live their secret online lives."
Well, it turns out that every step "they" make is being monitored, but not just by the person that signed up to monitor them.
Malwarebytes reported this week that pcTattletale uploads screenshots of victims' phones to an unsecured AWS bucket.
So, what does this mean exactly?
Amazon Web Services (AWS) is a subsidiary of Amazon that provides cloud computing platforms to individuals, businesses, and governments alike. An AWS bucket is essentially an online folder where one can store their files.
The problem is, pcTattletale uses an AWS bucket that requires no authorization such as a username and password. In other words, any competent threat actor with an internet connection can access the captured screenshots with relative ease.
As outrageous as this may seem, it is not that unusual. Amid the coronavirus pandemic, with millions making the transition to remote working, employers around the world have turned to employee surveillance software to keep tabs on workers.
Some of these tools are perfectly innocent and actually do what one would expect them to do, but others are downright invasive: they can capture emails and text messages, broadcast videos of an employee's desktop in real time, and collect an astonishing amount of data.
For good reason, tools like pcTattletale are referred to as stalkerware. Many of them run in the background of a system and are not easy to detect.
If you suspect you are being monitored, there are ways to check if that is really the case.
Firstly, iOS users have nothing to worry about since it's virtually impossible to install stalkerware on an iPhone, unless it's jailbroken.
If your smartphone is actually loaded with invasive surveillance software, or any unwanted software for that matter, you will notice that the battery is draining faster than usual.
RELATED: How to Tell if Your Phone Is Tapped
Overheating is another obvious sign. Your device will literally get hot if you are being spied on, because stalkerware apps usually run in the background non-stop.
Additionally, watch out for strange error messages and pop-ups, changes to your browser, and unusual activity on your phone in general.
It's always a good idea to check for unwanted apps manually. On Android, you can do this by navigating to Settings > Apps > All Apps. Have a look around the Settings menu to check if an unknown app is tucked in there somewhere.
If your phone is still acting up, you can always do a factory reset by navigating to Settings > Advanced Settings > Backup & reset > Factory data reset.
Note that this will erase all data from the internal storage, so back up contacts, photos, and anything else you want to keep.
An easier way to check for unwanted app is to scan your phone with anti-malware software. There are several good antivirus apps for Android devices, and most of them have free versions that should do the job.
Keep your Android device safe and secure with one of these leading Android antivirus apps.
Damir is a freelance writer and reporter whose work focuses on cybersecurity. Outside of writing, he enjoys reading, music, and film.
Join our newsletter for tech tips, reviews, free ebooks, and exclusive deals!