From September 2020 to May 2021, the number of devices infected with stalkerware increased by 63 percent, according to a study by security firm NortonLifeLock
It looked like a calculator app. But actually it was a malicious program of the spyware, which recorded every key I pressed – the kind of information I could give a stalker (a person obsessively chasing another) unlimited access to my personal life.
That’s what I concluded after downloading the free app on an Android smartphone. The app describes itself as a tool to monitor the family members’ online activities, recording what they each type. Once installed via the official Google app store, its icon can be changed to look like a calculator or calendar app. In my tests, the app logged everything I typed, including my internet searches, text messages, and emails.
This app is part of a rapidly expanding group of apps known as “stalkerware”. Although these apps were hundreds a few years ago, they have multiplied since then to thousands. They are widely available on Google’s Play Store and, to a lesser extent, on Apple’s App Store. And they’ve become such a widely used tool for digital domestic violence that, in the last year, Apple and Google have started to recognize them as a problem.
From September 2020 to May 2021, the number of devices infected with stalkerware increased by 63 percent, according to a study by security company NortonLifeLock. This month, the US Federal Trade Commission (FTC) said it had banned an app creator, Support King, from offering its stalkerware that has access to the victim’s location, photos and messages. It was the first such ban.
“It’s extremely invasive, it’s a very serious problem, and it’s related to some of the worst abuses I’ve seen in intimate partner violence,” said Eva Galperin, director of cybersecurity for the Electronic Frontier Foundation (EFF), a non-profit organization that seeks to protect digital rights over apps.
The use of applications used for cyber monitoring, also known as stalkerware, is a thorny issue because it is in an area where the rules are not well established. There are interesting uses for these surveillance apps, like parental control software that monitors what kids do on the internet to protect them from predators. But this technology turns into stalkerware when it’s secretly installed on a partner’s cell phone to spy on it without their consent.
According to the researchers, these apps are more present on mobile phones that use the Android operating system, because the more open nature of the system developed by Google gives programs greater access to device data and allows people to install the apps they want on their own. cell phones. Even so, new tracking software targeting iPhones has also emerged.
Google said it banned apps that violated its policies after I contacted them to talk about the app. An Apple spokesperson referred me to a security guide the company published last year in response to the threat from these applications. He added that the new monitoring apps were not a vulnerability for the iPhone that could be fixed with technology if an attacker had access to a person’s device and password.
Fighting stalkerware is difficult. You might not even suspect it’s in use. And even if you suspect it, it can be difficult to detect, as antiviruses have only recently started flagging these applications as malicious.
Here’s a guide to how stalkerware works, what to watch out for, and what to do about it.
How stalkerware works
Surveillance software has been proliferating on computers for decades, but more recently, the makers of programs that collect user information have shifted their focus to mobile devices. As it is possible to access more intimate data such as photos, real-time location, phone conversations and messages with them, the applications became known as stalkerware (a combination of the English words stalker, stalker, and software).
Various stalkerware applications collect different types of information. Some record phone calls, others record which keys are pressed, and some track a person’s location or send a person’s photos to a remote server. But they all tend to work the same way: an attacker with access to the victim’s device installs the app on the cell phone and disguises the software as commonplace; a calendar app, for example.
From there, the app is hidden in the background and then the attacker has access to the information. Sometimes they are sent to the attacker’s email or can be downloaded from a website. In other cases, attackers who know their partner’s password can simply unlock the device to gain access to stalkerware and verify logged information.
how to protect yourself
So what to do? The Coalition Against Stalkerware, a project organized by companies and organizations specializing in cybersecurity such as the EFF and other groups, gave the following tips:
Keep an eye out if your device is behaving differently. For example, downloading quickly. This could be an indication that a stalker app is in continuous use in the background.
Scan your device. Some applications like Malwarebytes, Certo, NortonLifeLock and Lookout can detect stalkerware. But for the analysis to be complete, take a look at your apps to see if anything looks strange or suspicious. If you find stalkerware, give it some thought before deleting it: it can be useful evidence if you decide to report the abuse to the authorities.
Seek help. In addition to reporting monitoring to the authorities, you can seek legal advice.
Check your accounts online to see which apps and devices are connected to them. On Twitter, for example, you can click the “account access and security” button within the settings menu to see which devices and apps have access to your account. Log off anything that looks suspicious.
Change your passwords and your access code. It is always safer to change passwords for important online accounts and avoid reusing them on websites. Try creating long, complex passwords for each account. Likewise, make sure it isn’t easy enough for someone to guess.
Enable two-factor authentication. For any online account that offers this option, use two-factor authentication; which basically requires two ways to verify your identity before allowing you to log into an account. Let’s say you enter your username and password to login to Facebook. That’s the first factor. Facebook then asks you to enter a temporary code generated by an authentication app. That’s the second factor. With this protection, even if an attacker discovers your password using stalkerware, he will still not be able to log in without this code.
On iPhones, check your settings. One of the apps uses a computer to remotely download a backup copy of a victim’s iPhone data, according to Certo, a mobile security company. To defend yourself, open the “Settings” app and check the “General” option to see if the “Sync over Wi-Fi with iTunes” option is enabled. Disabling it will prevent apps like this from copying your data.
Apple said this was not considered a vulnerability for the iPhone because it required an attacker to be on the same Wi-Fi network and have physical access to the victim’s unlocked iPhone.
start from scratch. Buy a new cell phone or erase all data on your phone to use it with settings restored is the most effective way to eliminate stalkerware from a device.
Update your operating system. Apple and Google regularly offer software updates that include security fixes that can remove stalkerware. Make sure you are using the latest version of the software.
In the end, there is no real way to defeat the stalkerware from the app stores. Kevin Roundy, lead researcher at NortonLifeLock, said he has reported more than 800 stalkerware apps within the Android app store. Google removed the apps and updated its policy in October to ban developers from offering stalkerware. However, more options emerged to take their place.
“Without a doubt there are a lot of very dangerous and scary possibilities,” said Roundy. “This will continue to be a concern.”/TRANSLATION OF ROMINA CACIA