Stalkerware makes invasive surveillance more personal than ever
June 2020 by F-Secure
Cyber security provider F-Secure has joined the Coalition against Stalkerware to support the efforts of advocacy groups, software developers, security firms, and victims working to eliminate this new threat.
Stalkerware can be generally defined as surveillance software that enables the monitoring of an individual without consent for purposes of harassment, stalking or other forms of abuse. Providers of these tools often hide them in plain sight by marketing them as benign or even helpful apps.
In February, F-Secure’s Tactical Defense Unit analyzed one such app called KidsGuard.* The analysis found that the app can be installed on a phone without the user’s permission or awareness to obtain GPS locations, account name, on-screen screenshots, keystrokes, and also access to photos, videos, and browser history.
Since then, F-Secure’s researchers saw stalkerware activations increase as the shelter-in-place orders related to Covid-19 began in early March. Even today, detections have remained higher than before the pandemic forced people into isolation, indicating a small but sustained increase in the use of these apps. "Stalkerware evolved from the same culture of mass surveillance and data collection that now pervades the internet,” said F-Secure Vice President Christine Bejerasco, who leads F-Secure’s Tactical Defense Unit (TacDef). “But what makes this a threat that hits closer to home is these simple-to-use apps can be installed on an Android device either from an obscure website that hosts the app or from app stores in spite of attempts to stop them. This puts these intrusive surveillance capabilities into abusers’ hands.”
The most prevalent stalkerware app detected by TacDef is Cerberus. The software markets its features as tools for monitoring a child or protecting a stolen device. However, many of the app’s advertised capabilities are easy for a stalker to weaponize. For example:
• Taking pictures of thieves can give a stalker access to the device’s photos
• Backing up data can give a stalker access to all the information stored on their victim’s device
• Setting secure areas and receiving alerts when the device enters/exits the area can allow a stalker to monitor their victim arriving and leaving specific places “We’re committed to protecting F-Secure’s customers from the culture of pervasive surveillance and data collection that’s consuming our digital lives,” said Bejerasco. “Joining this coalition of like-minded organizations will enable us to address this threat on a wider scale.”
The coalition’s goals include improving the identification of unwanted, potentially abusive technologies throughout the industry, and raising awareness about stalkerware threats.