Convicted spyware maker Bryan Fleming avoids jail at sentencing

The archetypal convicted spyware shaper successful implicit a decennary has avoided jailhouse clip aft earlier pleading blameworthy to U.S. national charges associated with moving his surveillance company.

Bryan Fleming was sentenced connected Friday successful a San Diego national tribunal to clip served and a $5,000 fine, confirmed a spokesperson for the U.S. Attorney for the Southern District of California, whose bureau brought the charges against Fleming.

During a plea proceeding successful January pursuing a years-long national probe into his spyware company, pcTattletale, Fleming admitted to making, selling, and advertizing spyware for unlawful uses.

Prosecutors had antecedently asked the justice for Fleming to person nary custodial condemnation oregon fine.

Image Credits:YouTube (screenshot)

Fleming’s transgression condemnation marks the archetypal palmy prosecution of a spyware shaper by the U.S. Department of Justice since 2014, perchance opening the doorway to aboriginal prosecutions against others with amerciable surveillance operations. 

Fleming’s attorney, Marcus Bourassa, did not respond to a petition for remark erstwhile contacted by TechCrunch.

Investigators with Homeland Security Investigations (HSI), a portion wrong U.S. Immigration and Customs Enforcement, brought charges against Fleming successful 2025 arsenic portion of a wider probe into the consumer-grade spyware industry. While galore spyware operators tally their businesses from overseas, investigators told TechCrunch that Fleming drew the attraction of national agents arsenic helium sold and facilitated the usage of spyware from the United States, and was idiosyncratic wrong the jurisdictional scope of U.S. instrumentality enforcement.

Spyware apps similar pcTattletale are referred to arsenic “stalkerware,” arsenic paying customers often works surveillance bundle connected the devices of idiosyncratic other without their cognition oregon consent, specified arsenic their spouse. Once planted, these apps stealthily upload the contents of a victim’s device, including their messages, photos, and real-time location, and marque the information viewable to the idiosyncratic who planted the spyware.

According to an affidavit filed by national investigators who sought to hunt his house, Fleming, successful immoderate cases, “knowingly assisted customers seeking to spy connected nonconsenting, non-employee adults.” 

It’s not known however galore radical pcTattletale spied on, but a information breach successful 2024 revealed immoderate of the standard of the long-running operation.

According to an earlier investigation by TechCrunch, a information researcher discovered that pcTattletale had a information flaw that was exposing millions of surface captures, taken by the spyware from the victim’s instrumentality each fewer seconds, to the unfastened internet, which allowed anyone to spot the contents of different people’s machine displays. This included screenshots of check-in computers astatine respective U.S. hotels that had pcTattletale installed, which exposed edifice impermanent and preservation details. 

Fleming did not respond to the researcher nor hole the information flaw. 

A week pursuing our report, Fleming shut down pcTattletale successful 2024 aft a high-profile hack, website defacement, and information breach, which revealed that much than 138,000 customers had paid the institution to assistance spy connected countless victims.

The hacker told TechCrunch that they exploited a antithetic information flaw, allowing entree to each of the files stored successful pcTattletale’s unreality information retention account, including those of the victims.

It’s not wide precisely however galore radical had their devices compromised by pcTattletale, and Fleming did not notify his customers oregon their victims of the information breach. The pcTattletale laminitis told TechCrunch astatine the clip that helium “deleted everything” from his company’s servers pursuing the breach. 

pcTattletale is 1 of several makers of stalkerware that person unopen down oregon forced offline pursuing a information lapse, including LetMeSpy, Cocospy, and Spyhide.