> At a Glance
> – Bryan Fleming, founder of pcTattletale, pleaded guilty to hacking and illegal surveillance sales
> – Federal probe began in June 2021 after agents found the site openly marketed spying on partners
> – His $1.2 million Michigan home was raided in November 2022; PayPal records show $600,000 in transactions
> – Why it matters: First U.S. stalkerware prosecution in a decade could embolden more cases against spyware vendors
The long-running federal hunt for stalkerware operators landed its first conviction in ten years when pcTattletale creator Bryan Fleming admitted in a San Diego courtroom to designing and selling spyware built for secretly monitoring spouses and partners.
The Guilty Plea
Fleming, who controlled pcTattletale since 2016, pleaded guilty to:
- Computer hacking
- Advertising and selling surveillance software for unlawful uses
- Conspiracy
The plea caps a multi-year Homeland Security Investigations probe that started after agents cataloged more than 100 stalkerware sites and singled out pcTattletale for explicitly encouraging “surreptitiously spying on spouses and partners.”
How HSI Closed In
Investigators secured a 2022 warrant to search Fleming’s email, finding messages that showed he “knowingly assisted customers seeking to spy on nonconsenting, non-employee adults.”
An undercover HSI agent posed as an affiliate marketer and received banner ads from Fleming that promoted the software to “catch a cheater,” cementing intent to market for illegal purposes.
Timeline of key events:
| Date | Event |
|---|---|
| mid-2021 | HSI opens stalkerware industry probe |
| June 2021 | pcTattletale flagged for marketing spousal spying |
| 2022 | Email search warrant & undercover op |
| Nov 2022 | Agents raid Fleming’s Michigan home |
| 2024 | pcTattletale shuts after breach exposes 138,000 customers |
| Dec 2025 | Affidavit unsealed ahead of plea hearing |
The Spyware Operation
pcTattletale let buyers secretly harvest messages, photos, and GPS data once the app was manually installed on a victim’s device. Fleming boldly promoted the product on YouTube from his home office, making him an easier target than overseas operators who hide behind shell companies.
After a hacker breached pcTattletale servers in 2024, Fleming deleted all data and told News Of Philadelphia the company was “out of business and completely done.” Federal agents were already deep into their case, seizing hardware and financial records showing $600,000 in PayPal receipts.
Privacy Advocates React
Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, stressed the symbolic weight of the conviction:
> “One of the most striking aspects of this case is the extent to which stalkware companies like pcTattletale operate out in the open. This is because the people behind these companies so rarely face consequences for selling tools that they themselves say are explicitly for monitoring other people’s devices without their knowledge or consent.”
She added:
> “I hope that this case changes the risk calculus for makers of stalkerware.”
Key Takeaways
- First U.S. federal stalkerware conviction since StealthGenie in 2014
- pcTattletale actively marketed spying on romantic partners, breaking U.S. wiretap laws
- Fleming’s brazen advertising and domestic location made him an attainable target
- Sentencing is expected later this year
The guilty plea signals renewed federal appetite for prosecuting not just spyware coders but anyone who advertises or sells covert surveillance tools for illegal purposes.
