Stalkerware

Apps are easily siloed in two categories: Malware and not malware. Candy Crush or Angry Birds may kill your productivity, and Facebook may be associated with unsavory activities, but with room for healthy debate none of them are expressly made to be evil. Malware apps generally are simply bad. A malware app called Trezor was made specifically to siphon funds from cryptocurrency wallets, “Ads Blocker” was made to serve more ads to mobile users. You get the picture.  

“Stalkerware” occupies a gray area. Once installed, it allows a third party to track their target’s location, intercept text messages, keystrokes, photos, call history and more. These apps occupy an ethical swamp: For trying to keep tabs on a child or an elderly relative, say, with dementia, “stalkerware” is a useful tool. For partners in an abusive relationship, it can be an Orwellian and potentially life-threatening nightmare.

While the intent behind the uses of stalkerware apps may be ambiguous, their increasing popularity is not: A recent study by Norton LifeLock shows that reported usage has increased over 60% between September 2020 and May 2021. The same study indicated that 34% of adults had admitted to checking in on their significant others online without their knowledge.

What seems like harmless snooping can have deadly consequences.

“The people who end up with this software on their phones can become victims of physical abuse, of physical stalking. They get beaten. They can be killed. Their children can be kidnapped. It’s the small end of a very large, terrifying wedge,” said Eva Galperin, Director of Cybersecurity for the Electronic Frontier Foundation and anti-stalkerware advocate.

Stalkerware isn’t strictly malware. There is no hidden payload that comes by way of an email attachment or app. It is typically installed by someone with access to a mobile device. Anti-malware or cybersecurity apps offer little protection if a valid, legal app is installed to a device by someone with physical access–especially if they are on the same data plan and living at the same address.

As awareness of the dangers of stalkerware has grown, so too has the push to either regulate it or to ban it outright. The Coalition Against Stalkerware has lobbied not just governments to address criminal behavior perpetrated through stalkerware apps, but also antivirus companies to recognize and identify them as malware and increase the chance of protecting against it.

I made a simple video of the Prey app here, and while it is no longer available, the TikTok video embedded below shows how tricky these apps can be to spot on a target device. 

@android_infosecurityHow stalkerware app steals received WhatsApp messages, even before the victim reads them. 👉 This technique is possible because of the capability of♬ CITY OF ANGELS – ALMIGHTY WATCHING