In a recent report, Kaspersky revealed its discovery of about 380 variants of stalkerware in the wild in 2019, which is 31% more than in 2018. These legit programs are often used as tools for domestic espionage or to spy on partners, which is why they’re also touted as spouseware.
A stalkerware often needs to be installed manually on a victim’s phone and is done normally without permission. Once installed, a stalkerware can provide an operator (or abuser) access to their victim’s messages (SMS or messenger chats), photographs, social media, browser history, geolocation and audio or camera recordings, which in some cases can be done in real-time. The app is concealed in the device so the person being targeted may not find out that it’s there.
Most stalkerware products formally comply with legislation but are banned for distribution through legitimate channels such as Google Play or App Store for failure to comply with ethical norms.
In 2019, Kaspersky products detected a sharp rise in stalkerware found on Windows devices. Users of Kaspersky solutions in Russia (40,912), India (18,549) and Germany (15,217) were the most affected among its subscribers worldwide.
Meanwhile in Southeast Asia, attempted to be targeted were Kaspersky users in Vietnam followed by Malaysia and Indonesia.
|Stalkerware||Users affected 2018||Users affected 2019||Ranking in terms of share ofAffected users2018||Ranking in terms of share of affected users2019|
The cybersecurity company attributes the number of detections to the improvement in detecting stalkerware through cybersecurity solutions. In April last year, Kaspersky launched a functionality in its Android security app called Privacy Alert that specifically notifies users if a software that can be used for stalking is found on their device. Since then, the number of detections has steadily risen.
According to Kaspersky, the three most prolific stalkerware families detected in 2019 were the following, according to rank:
- Monitor.AndroidOS.MobileTracker.a used to identify a free Mobile Tracker application which tracks the activity of children or employees, their location, correspondences and calls. This app can access all files in the device, such as photos, browser history, calendar, contact and can remotely control the device.
- Monitor.AndroidOS.Cerberus.a positioned as an anti-theft app. Cerberus allows a stalker to work in “hidden’ mode and prevent it from being deleted. This app tracks the location of the device, takes pictures and screenshots from the camera and records audio from the microphone.
- Monitor.AndroidOS.Nidb.a which is a group of similar applications under the names iSpyoo, TheTruthSpy and Copy9. These are promoted as apps to spy on a partner.
Almost all stalkerware apps are designed to monitor victims’ actions, including keyboard activity, making it extremely effective in stealing information which the user is typing online, via keylogging tactics.
Purchasing a stalkerware or spouseware is cheap and easy. It sometimes costs as little as $7 (or 350 pesos) a month and it can stay hidden on a victim’s device unnoticed for a long time, making it an affordable way of monitoring someone’s movement.
If the stalkerware is deleted from the device, the abuser will know immediately and this usually results in minor escalation of conflict to physical violence. Such cases have been witnessed by nonprofit organizations working with victims of domestic abuse.
Generally considered a legal software in most countries, cybersecurity companies cannot easily regard it as malicious and removed when found. Other security solutions even mark it as not-a-virus or something similar so a user may perceive it as a harmless software when it’s definitely not.
The seriousness of stalkerware use has prompted Kaspersky to link arms with fellow IT security companies, advocacy groups and law enforcement agencies to form the Coalition Against Stalkerware for the creation of a consensus-based definition and standard criteria for stalkerware detection.
The Coalition has also launched a website, www.stopstalkerware.org, to provide helpful tips on how to find out if there’s stalkerware on your device and what to do about it. It also provides contacts that deal with domestic violence to reach out to and can help prevent or mitigate the damage.
“The formal legal status of stalkerware and how it’s being used to inflict damage is alarming for us and our industry. It clearly raises significant safety and privacy concerns. But we are positive that more partners will come in as we strive to help prevent cyberstalking, intimate partner violence through data and collaboration. We will continue to actively contribute to this endeavor of helping victims of technology-facilitated domestic abuse and eventually making it illegal to spy on other people without their knowledge,” said Yeo Siang Tiong, general manager for Kaspersky Southeast Asia.
‘With modern consumer surveillance technology, stalking has gone digital. With majority of women being victimized through the use of stalkerware, I feel sorry for this situation being a woman myself. But this initiative by the Coalition with their relentless efforts to educate the public and governments to push for changes so that everyone’s privacy will be protected,” said Mary Grace Sotayco, Kaspersky territory manager for the Philippines.
To avoid being monitored by stalkers, Kaspersky recommends:
1. Keep your password private. Never disclose the password of your mobile device, even if it is with someone you trust.
2. Check your phone programs & block installation from unknown sources. Find out if suspicious programs were installed on your phone without your consent. And block unknown sources from installing programs to your smartphone settings.
3. Never store unfamiliar files or applications on your device, as this could harm your privacy.
4. Change your mobile security settings. An ex may try to acquire your personal information to manipulate you.
5. Get a reliable security solution. Use security solutions like Kaspersky Internet Security that notifies you of the presence of commercial spyware programs that aims at invading your privacy on your phone.
6. Seek professional help. If you think you are a subject of stalking and need help, contact a relevant organization for professional help.
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.