Stalkerware in the year of COVID-19

Spread the love

Stalkerware – secret surveillance software used in the field of domestic violence – remains a significant problem according to Kaspersky report. It found that a total of 53,870 mobile users were affected globally by stalkerware in 2020.

The recent Kaspersky report, “The State of Stalkerware 2020”, shows that the situation has not much improved compared to the year before. In 2019, 67,500 mobile users were affected.

At the same time, when talking about improvements, it is important to take the start of the pandemic into account as stalkerware is often used to digitally control the life of an intimate partner.

With this in mind, it is unsurprising that the yearly curve of users affected by stalkerware globally shows a decline in reports from March to June 2020, before numbers began to stabilize thereafter. This coincides with the beginning of worldwide lockdowns, and later when many countries around the world began to ease restrictions.

Stalkerware is a form of cyberviolence, and a global phenomenon that affects countries regardless of size, society, or culture: Russia, Brazil, the United States of America, India (4627) and Mexico are at the top of Kaspersky’s 2020 list of countries where users are most impacted.

Below them, Germany is the first European country, occupying sixth place in the global rankings. Iran, Italy, the United Kingdom and, lastly, Saudi Arabia complete the ten most affected nations.

Table 1 – 2020 Top ten most affected countries by stalkerware- globally

CountryAffected users
1Russian Federation12389
2Brazil 6523
3United States of America (USA) 4745
4India 4627
5Mexico 1570
6Germany 1547
7Iran 1345
8Italy 1144
9United Kingdom (UK) 1009
10Saudi Arabia 968

“We see the number of users affected by stalkerware has remained high and we detect new samples every day. It’s important to remember that there is somebody’s real-life story behind all these numbers, and sometimes there is a silent call for help,” said Victor Chebyshev, Research Development Team Lead, Kaspersky.

“Therefore, we are sharing our part of the picture, with the community working to end the use of stalkerware in order to have a better understanding of the issue. It is clear that we all need to share what we are finding so we can further improve detection and protection for the benefit of those affected by cyber violence,” commented Chebyshev.

Action against cyber violence
In 2019, Kaspersky co-founded, along with nine other organizations, the Coalition Against Stalkerware, which now has 30 members from five continents. The Coalition aims to improve industry detection of stalkerware, mutual learning from non-profit organisations and companies, and raise public awareness.

“The member organisations in the Coalition Against Stalkerware have made tremendous strides in the last year, including awareness-raising, detection of stalkerware, and research into the daily lives of survivors of domestic abuse,” said Eva Galperin, Director – Cybersecurity, Electronic Frontier Foundation, when commenting on the Coalition’s first anniversary.

“The Coalition has enabled us to take a holistic approach to a complex problem. There is no simple solution and we must keep pushing forward on many fronts,” added Galperin.

Additionally, in November 2020, Kaspersky released a free anti-stalkerware tool called TinyCheck in order to help non-profit organizations support victims of domestic violence and protect their privacy.

Its unique feature revolves around being able to detect stalkerware and inform affected users without making the perpetrator aware. The tool is supported by the IT security community and constantly updated with the help of that community.

Users can check if their mobile device has stalkerware installed by looking for the following signs:

-Check permissions in installed apps: Stalkerware applications may be disguised under a fake app name with suspicious access to messages, call logs, location, and other personal activity. For example, an app called “Wi-Fi” that has access to your geolocation is a suspicious candidate.
-Delete apps that are no longer being used. If the app has not been opened in a month or more, it is probably safe to assume it is no longer needed; and if this changes in the future, it can always be reinstalled.
-Check “unknown sources” settings on Android devices. If “unknown sources” are enabled on your device, it might be a sign that unwanted software was installed from a third-party source.
-Check your browser history. To download stalkerware, the abuser will have to visit some web pages the affected user does not know about. Alternatively, there could be no history at all if the abuser wiped it.
-Use proven cybersecurity protection, such as Kaspersky Internet Security for Android, which protects you against all kinds of mobile threats and which run regular checks on your device.

Before removing stalkerware from a device

-Do not rush to remove stalkerware if found on the device as the abuser may notice. It is very important to consider that the abuser may be a potential safety risk. In some cases, the person may escalate their abusive behaviours in response.
-Contact local authorities and service organizations supporting victims of domestic violence – for assistance and safety planning. A list of relevant organisations in several countries can be found on stopstalkerware.org. -Consider whether you want to preserve any evidence of the stalkerware prior to removal.
-Trust your gut instinct and do what feels safest to you.

Leave a Reply

Your email address will not be published. Required fields are marked *