Private Chats, Photos of Celebs Exposed in Suspected Stalkerware Leak

Private chats and photos of celebrities and influencers were exposed after a suspected stalkerware setup left a database open, revealing sensitive messages and files.

pcTattletale founder pleads guilty as US cracks down on stalkerware

Reportedly, pcTattletale founder Bryan Fleming has pleaded guilty in US federal court to computer hacking, unlawfully selling and advertising spyware, and conspiracy.

This is good news not just because we despise stalkerware like pcTattletale, but because it is only the second US federal stalkerware prosecution in a decade. It could open the door to further cases against people who develop, sell, or promote similar tools.

In 2021, we reported that “employee and child-monitoring” software vendor pcTattletale had not been very careful about securing the screenshots it secretly captured from victims’ phones. A security researcher testing a trial version discovered that the app uploaded screenshots to an unsecured online database, meaning anyone could view them without authentication, such as a username and password.

In 2024, we revisited the app after researchers found it was once again leaking a database containing victim screenshots. One researcher discovered that pcTattletale’s Application Programming Interface (API) allowed anyone to access the most recent screen capture recorded from any device on which the spyware is installed. Another researcher uncovered a separate vulnerability that granted full access to the app’s backend infrastructure. That access allowed them to deface the website and steal AWS credentials, which turned out to be shared across all devices. As a result, the researcher obtained data about both victims and the customers who were doing the tracking.

This is no longer possible. Not because the developers fixed the problems, but because Amazon locked pcTattletale’s entire AWS infrastructure. Fleming later abandoned the product and deleted the contents of its servers.

However, Homeland Security Investigations had already started investigating pcTattletale in June 2021 and did not stop. A few things made Fleming stand out among other stalkerware operators. While many hide behind overseas shell companies, Fleming appeared to be proud of his work. And while others market their products as parental control or employee monitoring tools, pcTattletale explicitly promoted spying on romantic partners and spouses, using phrases such as “catch a cheater” and “surreptitiously spying on spouses and partners.” This made it clear the software was designed for non-consensual surveillance of adults.

Fleming is expected to be sentenced later this year.

Removing stalkerware

Malwarebytes, as one of the founding members of the Coalition Against Stalkerware, makes it a priority to detect and remove stalkerware-type apps from your device.

It is important to keep in mind, however, that removing stalkerware may alert the person spying on you that the app has been discovered. The Coalition Against Stalkerware outlines additional steps and considerations to help you decide the safest next move.

Because the apps often install under different names and hide themselves from users, they can be difficult to find and remove. That is where Malwarebytes can help you.

To scan your device:

  1. Open your Malwarebytes dashboard
  2. Start a Scan

The scan may take a few minutes.

If malware is detected, you can choose one of the following actions:

  • Uninstall. The threat will be deleted from your device.
  • Ignore Always. The file detection will be added to the Allow List, and excluded from future scans. Legitimate files are sometimes detected as malware. We recommend reviewing scan results and adding files to Ignore Always that you know are safe and want to keep.
  • Ignore Once. The detection is ignored for this scan only. It will be detected again during your next scan.

Malwarebytes detects pcTattletale as PUP.Optional.PCTattletale.


We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

pcTattletale founder pleads guilty in rare stalkerware prosecution

The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges - marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.

Malwarebytes scores 100% in AV-Comparatives Stalkerware Test 2025

The AV-Comparatives Stalkerware Test 2025 delivers a sobering look at the evolving threat posed by stalkerware on mobile devices. Despite measures from both the tech industry and platform providers, stalkerware-type apps, which are apps that can be installed covertly to spy on a victim’s private life, remain a critical concern.

This comprehensive assessment, developed in collaboration with Electronic Frontier Foundation (EFF), evaluated 13 leading Android security solutions against 17 diverse stalkerware-type apps. Key findings show that stalkerware persists even as providers and coalitions crack down: it’s sideloaded from developer websites, designed to evade detection, and frequently stores sensitive victim data on insecure servers, often exposing it to wider risks like public data leaks.

For this test, each security app was assessed for its ability to clearly detect and report stalkerware, not just using generic labels, but with explicit warnings tailored to support possible victims.

AV-Comparatives is an independent organization offering systematic testing that checks whether security software, such as PC/Mac-based antivirus products and mobile security solutions, lives up to its promises.

Of the 13 security products tested in September 2025, only a few stood out for detection accuracy, clarity, and responsible alerting, with Malwarebytes the only one to score a 100% detection rate.

From the report:

The results show clear differences in performance between mobile security products. Malwarebytes stood out by detecting all stalkerware testcases, achieving a 100% detection rate. 

It went on to say:

Bitdefender, ESET, Kaspersky, and McAfee followed closely with 94% each, showing consistently high effectiveness. Avast, Avira, and F-Secure also performed well, identifying 88% of the test set, while Norton and Sophos achieved moderate coverage, detecting around 82%. At the lower end, G Data (65%), Google (53%), and Trend Micro (59%) missed a substantial portion of the stalkerware.

Why it matters to Malwarebytes

As one of the founding members of the Coalition Against Stalkerware, Malwarebytes sees this result as much more than a technical win. For us, the mission goes beyond simply blocking malicious software. Stalkerware-type apps are often used by abusers to systematically invade privacy and exert control. Their impact is highly personal, making reliable detection and safe reporting imperative.

Our participation in the coalition reflects a commitment to industry best practices: preventing stalkerware-type apps from being quietly installed, giving users detailed and honest threat information, and ensuring that every detection alert is crafted with survivor safety in mind. Scoring 100% in this test validates years of advocacy and development focused on the real-world needs of victims and their supporters, which goes beyond focusing on theoretical malware samples.

Ultimately, consistent leadership in stalkerware detection means standing alongside partners and survivor organizations to raise public awareness, drive safer technology, and provide every user with a clear path to reclaim their privacy. For Malwarebytes, achieving a perfect score isn’t just a mark of product quality; it’s proof of our commitment to your privacy and security.


We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.
