
Employee monitoring app exposes users, leaks 21+ million screenshots

Unfortunately, spyware apps with a poor reputation and even weaker security practices are all too common.

I have lost count of how many blogs I have written about stalkerware apps that not only exposed the people being spied on, but also exposed the spies themselves.

However, one might expect an employee monitoring app to be held to a higher standard. Not in this case.

Cybernews recently found that the employee monitoring app WorkComposer left over 21 million images exposed in an unsecured Amazon AWS S3 bucket. These images show a frame-by-frame activity log of remote employees.

This is not only bad news for these remote workers; it could be even worse for WorkComposer's customers, with internal communications, confidential business documents and pages exposed via the unprotected bucket.

An S3 bucket is like a virtual file folder in the cloud in which you can store different types of data, e.g. text files, images, videos and more. The amount of data you can store in an S3 bucket is not limited, and individual instances can be up to 5 TB in size.

The WorkComposer software logs keystrokes, tracks how long an employee spends on each app, and records desktop screenshots every few minutes. This means that these 21 million images could reveal everything from work processes to employees' private information.

Although there are no signs that cybercriminals gained access to the same bucket, WorkComposer has not responded to notifications and queries. It secured access after being notified, but did not provide any comment.

This incident follows an earlier Cybernews investigation, in which WebWork, another remote team tracker, exposed over 13 million screenshots containing emails, passwords and other sensitive work data.
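For teams that run their own buckets, here is a defender-side check for the kind of exposure described above, as an added example that is not from the original article or from WorkComposer. The article does not say how the bucket was left open, so this assumes the two common causes (a bucket policy or an ACL that grants read access to anyone); the function names, sample policy and bucket name are constructed, and treating any statement with a Condition as not public is a simplification.

```python
from fnmatch import fnmatchcase

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"  # S3 group meaning "anyone"
READ_ACTIONS = ("s3:getobject", "s3:listbucket")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_anyone(principal):
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def _read_actions(stmt):
    # IAM action patterns use * and ? wildcards and are case-insensitive.
    patterns = [a.lower() for a in _as_list(stmt.get("Action", []))]
    return [t for t in READ_ACTIONS if any(fnmatchcase(t, p) for p in patterns)]

def public_read_findings(policy, acl_grants, pab):
    """Return reasons the bucket is readable without credentials; [] if none found."""
    findings = []
    # RestrictPublicBuckets neutralises an existing public policy. BlockPublicPolicy
    # only rejects future public policies, so it is not sufficient on its own.
    if not pab.get("RestrictPublicBuckets", False):
        for stmt in _as_list(policy.get("Statement", [])):
            hits = _read_actions(stmt)
            if (stmt.get("Effect") == "Allow" and _is_anyone(stmt.get("Principal"))
                    and not stmt.get("Condition") and hits):
                findings.append(f"policy statement {stmt.get('Sid', '?')} allows {hits} to anyone")
    # IgnorePublicAcls makes S3 disregard public grants already on the bucket.
    if not pab.get("IgnorePublicAcls", False):
        for grant in acl_grants:
            if (grant.get("Grantee", {}).get("URI") == ALL_USERS
                    and grant.get("Permission") in ("READ", "FULL_CONTROL")):
                findings.append(f"ACL grants {grant['Permission']} to AllUsers")
    return findings

# Constructed sample input (bucket name is a placeholder, not from the article).
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
    "Action": ["s3:Get*", "s3:ListBucket"],
    "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]}]}
SAMPLE_ACL = [{"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"}]
PAB_OFF = {"BlockPublicAcls": False, "IgnorePublicAcls": False,
           "BlockPublicPolicy": False, "RestrictPublicBuckets": False}
PAB_ON = {key: True for key in PAB_OFF}

if __name__ == "__main__":
    for label, pab in (("Block Public Access off:", PAB_OFF), ("Block Public Access on:", PAB_ON)):
        print(label, public_read_findings(SAMPLE_POLICY, SAMPLE_ACL, pab))
```

In practice the three inputs are the bucket's policy, ACL grants and Public Access Block configuration as exported from your own AWS account.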

What to do if your employer has used WorkComposer

There are some actions you can take if you are, or suspect you may have been, monitored by WorkComposer.

  • Change the passwords that may have been seen. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don't use for anything else. Better yet, let a password manager choose one for you.
  • Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, a laptop or a phone as a second factor. Some forms of 2FA can be phished just as easily as a password. 2FA that relies on a FIDO2 device cannot be phished.
  • Watch out for phishing attacks. Cybercriminals can use the information to create convincing phishing emails, SMS or messages that pretend to come from trustworthy sources. Do not click on suspicious links or respond to unexpected messages that request personal or work information.
  • Set up identity monitoring. Identity monitoring notifies you when your personal data is illegally traded online and helps you to recover.
  • Report suspicious activity. If you notice suspicious emails, messages or unauthorized access attempts, report them immediately to your IT department or your manager. Early reporting can help to contain potential damage and prevent further breaches.
