The Rise of Stalkerware

According to a 2014 study by the National Network to End Domestic Violence, 54 percent of domestic abusers used stalkerware – software sold by legally registered companies under various pretenses, such as child monitoring or employee tracking solutions – to track their victims’ mobile phones, and anti-spyware company Certo has stated that demand for such products has “certainly increased in recent years.” We spoke with RANE expert Tom Jagielski, Director of Professional Services at BeyondIT, Inc., to discuss the proliferation of the software and what steps firms should take to lessen the chances that their employees become victims of stalkerware.

Jagielski notes that stalkerware is a form of consumer spyware technology that is being marketed for purposes such as keeping track of children but is often being used by ex-husbands, ex-wives, domestic abusers, and other bad actors who are hoping to track or monitor someone with ill intent. A 2014 survey of 72 domestic violence shelters by NPR found that 85 percent had assisted victims whose abusers had tracked them via software that tracked the GPS locations of their mobile devices.

  • Stalkerware can pull texts, intercept calls, track GPS locations, remotely switch on the device’s microphone, and even log keystrokes from a victim’s device. After installing the software on the victim’s phone, the user can view the contents of the phone remotely by logging into an online interface that monitors the device’s activity.
  • Stalkerware installation usually requires the user to have physical access to the victim’s device, though it can be deployed via phishing attempts.
  • Parents and guardians use consumer spyware to legally monitor their kids, and some companies use it to track the activities of employees who possess a company-issued phone, though this is usually done with the employee’s consent.

The software’s low annual or monthly subscriptions fees, coupled by the ease in which it can be deployed and how difficult it is for the everyday person to detect, has led to a spike in stalkerware users across the globe.

  • According to data provided to Motherboard by two hackers, close to 130,000 people have had an account with Retina-X or FlexiSpy, two of the largest providers of stalkerware.
  • Though spyware is prohibited by most major app stores, some, including mSpy, can be downloaded directly onto Android phones through the providers’ web pages.
  • Anti-virus software can be successful in detecting some stalkerware on a victim’s device. By July 2019, Kaspersky’s specific anti-stalkerware product had detected malicious apps on phones belonging to 7,000 customers around the globe after being released just three months earlier.

Source - Inside the Secretive World of Stalking Apps

Outside of the direct ramifications of stalkerware such as domestic violence and the potential theft of intellectual property or critical market data, stalkerware poses a number of additional risks.

  • Jagielski warns that not only do the users of the software get access to the victim’s data, but the software providers do as well, which could lead to the victim’s personal data being compromised due to the limited security that stalkerware providers have on their servers, with the hackers seeking to download victims’ data to sell or exploit.

Jagielski advises that stalkerware firms are getting savvier and are beginning to sell phones that have stalkerware pre-installed on them, and he suggests that firms caution their employees against accepting mobile devices or laptops that have come from unknown or illegitimate channels.

  • To help avoid stalkerware, Jagielski suggests that companies warn employees to always be aware of the location of their cellular devices and laptops, especially for employees going through especially tense periods such as divorces or custody battles.
  • For organizations that are concerned about the potential of spyware being used against their employees, RANE experts recommend that mobile devices be fully powered off in sensitive areas or whenever not actively being used and, in some cases, not permitted to be carried into sensitive work areas or meetings.

Share this article