Stalkerware in 2020 is still a burning issue

[harlan4096]

Stalkerware activity dropped off during the pandemic, but it’s picking up again. How to deal with the threat.

These days, spying on people has gotten far too easy. Anyone can buy stalkerware apps, which can look like parental control software or a smartphone antitheft solution. The classification may help developers avoid legal trouble; the software’s real purpose is to collect a great deal of highly sensitive information from devices without their users’ knowledge.

Although the legal status of stalkerware is gray, the use of such apps is not only unethical but also dangerous. We believe in countering the threat, in particular by raising awareness about it and any protective measures available to concerned citizens.

The scale of the scourge

Stalkerware apps’ features vary, but most enable total surveillance of the victim’s smartphone. Moreover, to install the app on the target device, the attacker simply needs to gain physical access to it once. Many people trust their partners enough to give them that access.

Among other things, stalkerware users can, without alerting their target in any way:

• Track a victim’s location;
  
• Read messages in messaging apps and social networks;
  
• View photos, videos, and other files on the device;
  
• Eavesdrop on telephone conversations;
  
• See everything typed on the keypad, including passwords and two-factor authentication codes.
  

Stalkerware typically hides itself from the list of installed programs and does not display any activity notifications.

Knowing their victim’s every move, an attacker can control, threaten, and psychologically pressure them. According to a 2017 report by the European Institute for Gender Equality (EIGE), seven of ten women affected by online stalking have experienced physical violence, sexual violence, or both at the hands of the perpetrator.

The scale of the problem continues to grow. For example, an Australian study on technology abuse and domestic violence showed that, since 2015, attackers have become far more likely to track the locations of current and former partners, and almost twice as likely to monitor them with cameras. The Centre Hubertine Auclert in France reports that one in five victims of relationship violence has encountered spyware. Germany also notes a rise in the use of stalkerware in recent years.

54,000 stalkerware victims in 2020

What has changed since 2019, when we teamed up with like-minded companies and nonprofits in the fight against stalkerware? Data from Kaspersky Security Network indicates almost 54,000 users worldwide were affected by stalkerware apps in 2020. Is that high or low? The figure in 2018 was almost 40,000, but in 2019 it topped 67,000.

This much is clear: The fight against online stalking is far from won. First, when it comes to threats of violence, 54,000 is a big number, however you slice it. Second, the pandemic and its consequences are factors, holding people house-bound in 2020 — and household members (spouses, roommates) are by far the most likely to use stalkerware apps. Isolation is likely to skew the numbers; with a victim stuck at home, a stalker may not monitor their smartphone’s whereabouts.

With that in mind, it is unsurprising that the yearly curve of users affected by stalkerware globally shows a decline in reports from March to June 2020. That period coincides with the beginning of worldwide lockdowns. Later, when many countries around the world began to ease restrictions, the numbers began to rebound and stabilize.

As for geography, our solutions most often detected stalkerware in Russia, Brazil, and the US, all of which landed in the Top 5 in 2019 as well. Among Asian countries, the problem was most acute in India, and the hardest hit in Europe were Germany, Italy, and the UK.

2020’s most common stalkerware families

As for stalkerware apps, the most common specimen in 2020 was the one our solutions call Monitor.AndroidOS.Nidb.a. Its developers allow the app to be resold under other names, so it is prominent in the market. The iSpyoo, TheTruthSpy, and Copy9 apps, for example, are all Nidb. Interestingly, until just a year ago, this stalkerware family was only the third most prevalent.

Another very popular piece of spyware is Cerberus, which is sold as antitheft smartphone protection and hides itself to avoid notice. What’s more, like genuine phone-finding apps, Cerberus has access to geolocation, can take photos and screenshots, and records sound.

Other high-ranking stalking apps include Track My Phone (which our solutions detect as Agent.af), MobileTracker (which enables remote control of the victim’s device), and the stalkerware program Alnost. The latter, like Cerberus, appears to be an antitheft tool, but it’s available on Google Play, which declared war on stalkerware last year, because it meets the store’s requirements.
...

Continue Reading