stalkerware

The number of stalkerware apps detected on smartphones increased in 2019, a full 60% over the previous year according to a new report released by Kaspersky Labs. 

The anti-virus company’s annual mobile malware report said stalkerware reports increased from 40,286 in 2019 to 67,500 in 2019, figures derived from data gleaned from Kaspersky product users that consented to provide statistical data for research purposes.

Stalkerware apps (also called spouseware) are designed to track and stream personal information on a target user’s phone, including photos, videos, email, phone calls placed, SMS communications, and location data. While not specifically illegal, the apps are banned from both Google Play and the Apple App Store because of ethical and privacy considerations. 

The Federal Trade Commission launched investigations into the developers of three different “stalkerware” apps in late 2019, for being “uniquely suited to illegal and dangerous uses.”

What You Need to Know

Stalkerware apps are installed by someone with physical access to a device (potentially by a spouse or parent) or via phishing exploits where the sender lures their target into clicking a link or downloading something that appears to be legitimate. This is thought to be the way Amazon founder and CEO Jeff Bezos was hacked in 2019.

While stalkerware is designed to operate undetected, there are warning signs that a smartphone may be compromised:

  • Insecure Device Settings: Many Android devices provide a setting that allows the remote installation of Apps. It can be found under Settings > Security > Allow unknown sources, or Apps > Menu > Special Access > Install unknown apps. This setting could indicate the presence of stalkerware on a device.

  • Unexpected Battery Drain: Intercepting and transmitting data and other activity from a smartphone can be energy intensive. A battery that is quickly depleted may indicate the presence of a hidden application using system resources.

While many commercial malware and security apps can potentially identify or prevent the installation of stalkerware apps, if you are concerned about the presence of it on your device, take a moment to enable security settings including PIN codes, and 2-Factor authentication. Alternatively, a factory reset can be effective, removing most (nothing is failsafe in things cyber) if not all malicious apps.