© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

Spyware detected on hotel check-in computers

At least three Wyndham hotels across the United States have been infected with spyware.

According to TechCrunch, the check-in computers of the hotels are infected with malicious software called pcTattletale. The spyware captures screenshots of the hotel booking systems every few seconds, which contain detailed an sensitive customer information, such as names, reservation details and partial payment card numbers. Due to a security flaw in the spyware, these screenshots are available to anyone on the internet.

pcTattletale enables users to remotely view Android and Windows devices and its data, from anywhere in the world. The developer claims the app runs invisibly in the background of the equipment and cannot be detected.

Security researcher Eric Daigle discover the security flaw in the app and tried to warn pcTattletale. The company however didn’t respond to his disclosure. As a result the vulnerability remained unfixed. Daigle decided to uncover some of the details of the leaking screenshot bug in a blog post.

TechCrunch has seen screenshots of three US Wyndham hotels. The manager of one of the hotels said he was unaware that the spyware took screenshots. Who is responsible for the installation of pcTattletale on the check-in systems, remains a mystery.

Booking.com warns to be aware of cybercriminals

Booking.com, an Amsterdam-based online travel agency, says that its own systems aren’t compromised by the spyware. It however emphasizes that this case demonstrates that cybercriminals will do everything they can to victimize accommodation providers.

“Some of our accommodation partners have unfortunately been targeted by very convincing and sophisticated phishing tactics, encouraging them to click on links or download attachments outside of our system that enable malware to load on their machines and in some cases, lead to unauthorized access to their Booking.com account”, says Angela Cavis, a spokesperson for Booking.com.

She continues: “These bad actors then attempt to impersonate the partner (or even Booking.com), sometimes very convincingly, to request payment from customers outside of the policy in their booking confirmation.”

Leave a Reply

Your email address will not be published. Required fields are marked