At its best, technology can bring people together through the use of social networks, video chats, and other tools. But at its worst, technology can be used to harass, bully, and terrorize other people. One example of the latter is stalkerware, a type of app installed on someone’s mobile device to eavesdrop on them. A report released Friday by Kaspersky explains how stalkerware works and how you can protect yourself against it.
SEE: Top Android security tips (free PDF) (TechRepublic)
Commercially available to anyone with internet access, stalkerware typically is set up on someone’s mobile phone without their knowledge or permission. Once installed, the app operates in stealth mode, so the user is unaware of its presence.
As defined by Kaspersky, stalkerware can’t be installed remotely through malware or other means. The culprit must have physical access to the phone. Unless the phone has been lost or stolen, that means the abuser typically knows the victim, as in the case of a spouse, significant other, or close contact.
Installing the stalkerware app usually requires only a few minutes. The phone itself must either be unlocked or unprotected by a PIN, password, or other security. However, someone who has already shared their security method with an abusive spouse or significant other can also allow for the intrusive app to be installed.
Depending on the type of stalkerware in place, the abuser can perform any or all of the following activities:
- Read anything the victim types by logging each keystroke. This can include account credentials to banking apps, online shops, and social networks
- Know the location of the victim by tracking their movements via GPS
- Hear what the victim says by eavesdropping on or even recording their phone calls
- Read any type of message, even those that are encrypted
- Monitor social network activity
- See photos and videos
- Switch on the camera
Based on Kaspersky’s research, 53,870 users of its mobile security app were affected globally by stalkerware in 2020. Including people who don’t use Kaspersky’s software, the full number is certainly much higher.
Using stalkerware against women is an especially pervasive issue and can lead to violence on the part of the stalker. Seven in 10 women in Europe who experienced cyberstalking also faced at least one form of physical and/or sexual violence from an intimate partner, according to a 2017 report from the European Institute for Gender Equality. Cyberstalking itself is a form of violence as an abuser can use the surveillance to control their victim.
SEE: How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
“We now understand that stalkerware is not purely a technical problem,” Kristina Shingareva, head of external relations at Kaspersky, said in a press release. “It’s not the IT part of the issue that is challenging, but the fact that we need to deal with the commercial availability of stalkerware, the lack of regulation around how it is being used and, perhaps the most difficult problem, the fact that violence against women and different forms of online abuse have been normalized.”
Given the shady nature of stalkerware, the apps typically have to be downloaded from an unofficial source, such as the developer’s webpage. The stalkerware family known as Nidb was the most popular stalkerware sample in 2020, according to Kaspersky. Nidb was used to sell a number of different stalkerware products such as iSpyoo, TheTruthSpy, and Copy9, the report said.
For Android, Google banned stalkerware apps from its Google Play store last year. Stalkerware tools are less frequent on iOS than on Android because of the closed nature of Apple’s ecosystem. But an abuser can install such an app on a jailbroken iPhone. In other cases, an abuser could give their victim a mobile phone as a gift with the stalkerware already installed.
Stalkerware apps often skirt legal issues by pretended to be child monitoring or employee tracking tools. In the past, users would run afoul of the law only if they used such apps to record user activity without their permission. But the laws are slowly changing, at least in certain countries. In France, secretly spying on someone this way without their consent can be punished with up to one year in jail and a fine of €45,000. In the United States, one developer of a stalking app was fined $500,000, while another eluded any penalty after promising to change the app’s functionality.
SEE: Android 12: A cheat sheet (TechRepublic)
With stalkerware able to run on your phone without your knowledge, Kaspersky offers a few ways to tell if such an app has been installed:
- Keep an eye out for a fast draining battery, constant overheating, and mobile data traffic growth.
- Do regular antivirus scanning on your Android device. If your security product detects stalkerware, don’t rush to remove it, as the abuser may notice. Have a safety plan in place and reach out to a local help organization.
- Check your browser history. To download stalkerware, the abuser will have to visit certain sites that you may not know about.
- Check “unknown sources” settings. If “unknown sources” are enabled on your device, that could indicate the installation of unwanted software from a third-party source.
- Check the permissions of installed apps. Stalkerware apps may be disguised under a wrong name with suspicious access to messages, call logs, location, and other personal activity.
Finally, here are a few ways to protect your phone against the installation of stalkerware:
- Never lend your phone to anyone without seeing what happens with it and do not leave it unlocked.
- Use a complex lock screen password and change passwords on a regular basis.
- Do not disclose your password to anyone, not even your intimate partner or family members or close friends.
- Regularly check your phone. Delete apps you don’t use and review the permissions granted to each app.
- Disable the option for third-party apps to be installed on Android devices.
- Protect your Android devices with a cybersecurity solution that detects and warns you of stalkerware.