The stalker on your mobile: the drama of ‘stalkerware’ spyware
In 2020, at least 53,870 mobile users around the world were secretly spied on by someone else through their devices. Although that is fewer than two years ago (67,500), many more will be secretly harassed in 2021, according to forecasts from the cybersecurity company Kaspersky. The phenomenon of digital espionage, known to cybersecurity experts as stalkerware, has become popular and grown out of control in recent years with the rise of mobile devices and hyperconnection, a product of the development of new technologies and of confinement during the coronavirus pandemic. Kaspersky has raised its voice against this practice in a report published this year.
“We see that the number of users affected by stalkerware has remained high and we detect new samples every day. It is important to remember that there is a real-life story of someone behind all these numbers and a silent call for help,” explains Victor Chebyshev, head of Kaspersky’s research development team, in the report. The company has published the report together with the Coalition Against Stalkerware, a project that brings together more than 20 companies expert in cybersecurity that are concerned about the rise of this cyber activity.
But what is stalkerware, how does it work and who are its victims? It is software that allows the tracking and monitoring of a user’s activity on a smart device, such as a mobile phone, a tablet or a computer. The problem with this software is that it was not created specifically for espionage and harassment, but to make the exchange of data between devices simpler. “Although some of these tools may have a legitimate use, such as parental controls, many times we observe how they are installed on someone else’s devices without their consent, allowing them to spy on their communications and all their activity thanks to the functionalities and sensors that these devices incorporate,” explains Josep Albors, Research Director of ESET.
Such is the case of NIDB, one of the tools that Kaspersky considers “the most used to do stalkerware”. NIDB, according to the information provided by the company, is a powerful and easy-to-install database system designed to “allow easy import, search and exchange of image data.” “The data is stored on your site, controlled by you, to share it with other sites whenever you want,” says NIDB. The problem arises when these tools are installed on other people’s devices and whoever controls and observes what happens on that mobile, tablet or computer is someone other than the owner of the device.
NIDB is not alone. There are several different stalkerware products on the market, such as iSpyoo, TheTruthSpy and Copy9, among others. Other stalkerware applications often disguise themselves under a false name while holding suspicious access to messages, call logs, location and other personal activities. For example, an application called WiFi that has access to geolocation is a suspicious candidate, the report warns. But what about the person who is spied on?
“We have to bear in mind that stalkerware is usually used by those who want to spy on or control other people, so uninstalling the application as soon as they find out about its existence can have negative consequences and even lead to physical aggression,” warns Albors. Instead, the expert recommends that victims inform the competent authorities of their situation so that they act accordingly and assess the need for any type of support to avoid reprisals. Along the same lines, Daniel Creus, Kaspersky cybersecurity analyst, suggests that “it is the victim who has to take into account their personal circumstances to determine how to proceed.” Unfortunately, the victims of stalkerware usually realize only after a long time has passed and their privacy has been violated time and time again. And the worst thing is that the perpetrators are usually people close to them. “It happens especially in abusive relationships,” says Creus, who adds that the phenomenon is global.
In terms of geographical distribution, Russia (12,389 victims), Brazil (6,523), the United States (4,745), India (4,627) and Mexico (1,570) were the most affected countries worldwide, at least during 2020. In Europe, Germany (1,547), Italy (1,345) and the United Kingdom (1,009) are the three countries with the most cases of stalkerware. Spain is ranked number twelve in the world list with 873 reported cases, but it is the fifth among the European countries with the most reported incidents. And the cases could be many more, since these are only those that Kaspersky has detected. “We are sharing our part of the picture with the community in order to gain a better understanding of the problem. But it is clear that we all need to share what we are finding in order to further improve detection and protection for the benefit of those affected by cyber violence,” says Chebyshev.
Avoid and report
“To install such software, you need access to the victim’s device. For this reason, it is essential to protect our smartphone with the appropriate security measures (PIN, patterns and biometric measures) to prevent it from being easily unlocked. In addition, we can establish access restrictions to certain sections of the device, such as the system configuration, to prevent applications from being installed from unknown sources and excessive permissions from being granted,” recommends Albors.
But how do you know if someone is spying? It is complex, but not impossible. The first step is to verify the permissions of the installed applications, make sure that they were installed by the owner of the device and eliminate those that are not used. “If the application has not been opened in a month or more, it is probably safe to assume that it is no longer needed,” Kaspersky explains. You should also check the Unknown Sources setting, mainly on Android devices. If Unknown Sources is enabled on the device, it could be a sign that unwanted software was installed from a third-party source.
Another step is to check the browser history. “To download stalkerware, the abuser must visit some web pages that the affected user does not know, although it could happen that he does not find anything in the history if the abuser has deleted it,” they warn in the report. But the experts at ESET and Kaspersky agree that the most important thing is to rely on proven cybersecurity protection, and there are several applications and services for this, such as Kaspersky Internet Security (Android), TinyCheck, LastPass or Avira, which are free.
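
The app checks described above (permissions, install source and time since last use) can be turned into a repeatable review. The following is an added example, not part of the original article or the Kaspersky report; the app inventory is constructed sample data with hypothetical field names, and Google Play (`com.android.vending`) is assumed to be the only store the owner uses.

```python
from datetime import date

# Data types the article names as suspicious for a disguised app to access.
SENSITIVE = {
    "android.permission.READ_SMS": "messages",
    "android.permission.READ_CALL_LOG": "call logs",
    "android.permission.ACCESS_FINE_LOCATION": "location",
}
OWNER_STORES = {"com.android.vending"}  # assumption: owner installs only from Google Play
STALE_DAYS = 30                         # "not opened in a month or more"
TODAY = date(2021, 3, 15)               # constructed review date

# Constructed inventory (hypothetical field names, not real app data).
SAMPLE_APPS = [
    {"label": "WiFi", "installer": None, "last_opened": date(2021, 1, 5),
     "permissions": ["android.permission.ACCESS_FINE_LOCATION",
                     "android.permission.READ_SMS",
                     "android.permission.READ_CALL_LOG"]},
    {"label": "Maps", "installer": "com.android.vending",
     "last_opened": date(2021, 3, 14),
     "permissions": ["android.permission.ACCESS_FINE_LOCATION"]},
    {"label": "Puzzle Game", "installer": "com.android.vending",
     "last_opened": date(2021, 1, 20), "permissions": []},
    {"label": "Calculator", "installer": "com.android.vending",
     "last_opened": date(2021, 3, 10), "permissions": []},
]

def review_app(app, today):
    """Return the reasons this app deserves a manual look (empty list if none)."""
    reasons = []
    granted = sorted(SENSITIVE[p] for p in app["permissions"] if p in SENSITIVE)
    if granted:
        reasons.append("can read " + ", ".join(granted))
    if app["installer"] not in OWNER_STORES:
        reasons.append("installed from an unknown source")
    idle = (today - app["last_opened"]).days
    if idle >= STALE_DAYS:
        reasons.append(f"not opened in {idle} days")
    return reasons

def triage(apps, today):
    """List (label, reasons) for apps with any finding, most findings first."""
    found = [(a["label"], review_app(a, today)) for a in apps]
    found = [item for item in found if item[1]]
    return sorted(found, key=lambda item: -len(item[1]))

if __name__ == "__main__":
    for label, reasons in triage(SAMPLE_APPS, TODAY):
        print(f"{label}: {'; '.join(reasons)}")
```

The script only reports findings; the sideloaded "WiFi" app that reads location, messages and call logs sorts to the top, while a store-installed maps app with location access appears with a single finding.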