As smartphone users, many of us don’t think twice before handing over our devices to people we trust, be it family, a friend or a colleague. Sometimes, it’s for the simplest of tasks—clicking a picture, trying that latest game or just listening to music.
But given the rapidly spreading use of a menacing form of spyware called stalkerware, it may be time to keep that mobile phone safe even from those you trust. And watch out for telltale signs that it may be compromised.
“Spyware”, as the word suggests, is any software that installs itself on your phone or any other device and starts monitoring your online behaviour without your knowledge. Once in control, attackers can access the camera to take pictures, record video and audio, and track a user’s precise GPS location. Stalkerware is one of the easiest forms of spyware to access.
“The main difference between stalkerware and other types of malware is that stalkerware usually is not used by some anonymous cybercriminals but rather by people that are known and often even very close to the victim,” says Ondrej David, malware analysis team leader at the multinational cybersecurity company Avast. “It is usually installed discreetly on smartphones by their ‘friends’, jealous spouses or ex-partners,” David explains on email.
In fact, Avast identified patterns between the use of stalkerware and the covid-19 lockdown in 2020. Last year, Avast Threat Labs, a global cybersecurity network feed of security researchers, discovered a 51% increase in spyware and stalkerware from March to June compared to January-February. It’s a trend that has shown a particularly steep upward curve in the second quarter of 2021, says David. In the case of India, Avast Threat Labs observed a 30% increase in spyware and stalkerware compared to the first quarter and a 47% year-on-year increase.
According to reports from other cybersecurity companies, stalkerware is hitting users around the world. The State Of Stalkerware In 2020 report, released by the cybersecurity firm Kaspersky in February, showed that 53,870 mobile phone users were affected globally by stalkerware in 2020. Most of these victims were in Russia (12,389), followed by Brazil (6,523), the US (4,745) and India (4,627).
Until a few years ago, only individuals with advanced computer skills could practise cyberstalking. This is no longer true: Stalkerware is advertised online and easy to find, download and use. “Access to such software is not very difficult and they are relatively affordable,” says Abhishek Karnik, director, anti-malware research and response, principal engineer, McAfee. In October, Google removed several ads for violating its policy on stalkerware surveillance apps that encouraged users to spy on their spouses or significant others.
Cybersecurity companies have been working on ways to tackle the threat. Kaspersky, for instance, released a free anti-stalkerware tool called TinyCheck in November last year to help non-profit organisations support victims of domestic violence and protect their privacy.
But what can individual users do to detect and remove such apps or software from their devices? “Preventing installation is a priority,” says David. “The first thing to do is to ensure that the phone is protected by a PIN or password.... The second is to install a trusted antivirus software, which will alert the user of any attempt to install stalkerware and could flag it as a PUP (potentially unwanted program) and offer to remove it.”
There are some telltale signs a user can watch out for. Apart from a visible lag in phone performance, a user might find settings have changed without their consent, with a new home page on the browser, for example, or new icons on the desktop, and a different default search engine. Or, there could be a sudden influx of error messages from apps that had been working well.
Karnik says it may not always be easy to identify whether you are a victim of stalkerware apps. A big indicator would be if you find that someone who should not be aware of your whereabouts and online activities is constantly in the know. “Look for unknown apps that you do not recall installing and delete them,” Karnik adds. “An app that teaches yoga, for example, may not need access to your contacts, microphone, camera, location, etc. It’s even more suspicious if someone asked you to install such an app or installed it for you. A lot of stalkerware apps disguise themselves as a utility—for example, a calculator.”
The Clinic to End Tech Abuse, a project of Cornell University, US, that provides direct help to survivors of domestic violence, lists some steps to tackle tech-related risks: for example, cross-checking the installed apps list in the Google Play Store against the “app drawer”, the section of your phone where installed apps appear. You can also look for “hidden apps” that do not show in the app drawer. Better safe than sorry, as the saying goes.
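The cross-check described above, combined with the permission test Karnik describes, as an added example that is not from the article or from the Clinic to End Tech Abuse. It assumes the installed-app list is in the `package:<name>` form printed by Android's `pm list packages -3` (user-installed apps only), that permission text follows the `granted=true` lines of `dumpsys package`, and that the app-drawer set is typed in by hand; all package names and data are constructed.

```python
import re

# The four capabilities the article names: contacts, microphone, camera, location.
SENSITIVE = {
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.CAMERA": "camera",
    "android.permission.ACCESS_FINE_LOCATION": "location",
}

def parse_packages(pm_output):
    """Names from 'package:<name>' lines, as printed by `pm list packages -3`."""
    return {line.split(":", 1)[1].strip()
            for line in pm_output.splitlines() if line.startswith("package:")}

def granted_sensitive(dumpsys_text):
    """Sensitive capabilities marked granted=true in `dumpsys package` text."""
    pairs = re.findall(r"(android\.permission\.\w+): granted=(true|false)", dumpsys_text)
    return sorted({SENSITIVE[p] for p, state in pairs if state == "true" and p in SENSITIVE})

def review(pm_output, drawer, dumps):
    """Apps missing from the drawer or holding a sensitive grant, hidden ones first."""
    rows = []
    for pkg in parse_packages(pm_output):
        hidden = pkg not in drawer
        grants = granted_sensitive(dumps.get(pkg, ""))
        if hidden or grants:  # whether a grant fits the app's purpose is for the reader to judge
            rows.append((pkg, hidden, grants))
    return sorted(rows, key=lambda r: (not r[1], -len(r[2]), r[0]))

# Constructed sample data: three user-installed apps, one missing from the drawer.
PM_OUTPUT = "package:com.example.yoga\npackage:com.example.calculator\npackage:com.example.chat\n"
DRAWER = {"com.example.yoga", "com.example.chat"}  # what the user sees on screen
DUMPS = {
    "com.example.yoga": "android.permission.CAMERA: granted=false\n",
    "com.example.calculator": (
        "android.permission.READ_CONTACTS: granted=true\n"
        "android.permission.RECORD_AUDIO: granted=true\n"
        "android.permission.CAMERA: granted=true\n"
        "android.permission.ACCESS_FINE_LOCATION: granted=true\n"),
    "com.example.chat": (
        "android.permission.RECORD_AUDIO: granted=true\n"
        "android.permission.READ_CONTACTS: granted=true\n"),
}

if __name__ == "__main__":
    for pkg, hidden, grants in review(PM_OUTPUT, DRAWER, DUMPS):
        where = "NOT in app drawer" if hidden else "in app drawer"
        print(f"{pkg}: {where}; granted: {', '.join(grants) or 'none'}")
```

In the sample, the calculator that is absent from the app drawer and holds all four grants is listed first; the chat app is listed for a manual look, and the yoga app with nothing granted is not listed.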
KNOW YOUR MALWARE
Stalkerware: Stalkerware apps record information and track your online activities. These are designed to deprive victims of their physical and virtual freedom.
Ransomware: Ransomware “kidnaps” your sensitive files, using encryption, and holds them hostage unless you pay up. These attacks target all kinds of files, from personal to professional.
Try the automated method: Can’t remove stalkerware apps manually? Install antivirus software: Kaspersky Internet Security for Android, Norton Mobile Security for Android, and Anti-Spyware Scanner and Remover from Avast are popular.