Commercial spyware programs are background-running apps installed on phones, which can be used to monitor and track device activity. They are usually used to spy on partners or ex-partners, but there is nothing to stop people using such programs to target specific individuals for malicious purposes. This is often done without the victim’s knowledge, leading to these types of programs being commonly referred to as ‘stalkerware’. While functionality varies, it often allows the person who installed it to access their victim’s device information, SMS messages, photographs, social media conversations, geolocation data and, in certain cases, to transfer audio and camera recordings in real time.
While installing stalkerware on someone else’s device requires physical access, it can be done quickly by downloading an app onto the phone from a distributor’s website. In 2018, Kaspersky Lab products detected stalkerware programs on 58,487 unique mobile devices – proving the severity of the threat. While it seems hard to even imagine that such a blatant privacy invasion can be so common and easily accessible, stalkerware programs have been exposed and publicly criticized multiple times. Yet, in most countries their status remains vague.
Kaspersky Lab has now developed a new attention-grabbing alert that clearly notifies users of Kaspersky Internet Security for Android if such programs are found on their devices.
In addition, Kaspersky Lab researchers have looked at the wider landscape for such software. The resulting report, ‘Beware of stalkerware’, features analysis of commercially available spyware, including the most popular consumer surveillance apps. The research shows that alongside the obvious privacy invasion, such programs generally lack protection measures for the sensitive data being hijacked. For instance, five out of 10 stalkerware programs analyzed had either experienced a data breach or were found to be vulnerable to such attacks. Analysts even discovered one vendor storing victim data files on a server with a critical security vulnerability, leaving the stored data accessible to all.
The study that Kaspersky Lab researchers performed also exposes the extent of the so-called stalkerware industry. Even programs that have been shut down, or at least claim to be so, continue to be marketed through official social media channels and offer franchise-like business models to buyers.
Kaspersky Lab has been flagging potentially harmful apps that are not malware – including adware and so-called legal spyware – for years, even creating a specific “not-a-virus” notification. However, as the problem of privacy abuse has increased, it decided to reevaluate how information about certain types of threats was being communicated to customers.
“We were following what some media organizations and NGOs like the Electronic Frontier Foundation were doing to enhance privacy and security for vulnerable populations around the world, and to eliminate the threat that stalkerware poses. We were inspired by their activities so much that we decided to review how our own products treat such software. As a result, we now flag commercial spyware with a specific alert which warns users of the dangers stalkerware poses. We believe users have a right to know if such a program is installed on their device. Our new alert will help them to do that and assess the risk properly,” says Alexey Firsh, Security Researcher at Kaspersky Lab.
To learn more about the modern state of commercial spyware programs, read the report on Securelist.com.
To download Kaspersky Internet Security for Android with the new Privacy Alert, please visit the Google Play store.
Take the following steps to make sure you are not a victim of digital stalking:
● Only install mobile applications from official app stores, such as Google Play
● Block the installation of programs from unknown sources in your smartphone’s settings
● Never disclose the password or passcode to your mobile device, even to someone you trust
● Never store unfamiliar files or applications on your device, as they could harm your privacy
● Change all security settings in your mobile device if you are leaving a relationship. An ex may try to acquire your personal information in order to manipulate you
● Get control of programs running in the background and disable suspicious activity
● Use a reliable security solution that notifies you about the presence of commercial spyware programs aimed at invading your privacy on your phone, such as Kaspersky Internet Security