Blog Post

I AM TRACKING YOU, AND YOU DON'T KNOW

  • Barjinder Kaur
  • published date: 2021-04-14 10:41:02

With the increase usage of smartphones, stalkers found new way to abuse their victims by stealing their online freedom. Usually, this is done by stalkerware apps which are a growing concern in domestic violence. In the recent past, these apps have come with disturbing and dangerous implications as they easily installed without victim's knowledge.

There are two ways to spy on a person, either physically or virtually. Physical spying is when somebody follows a person; however, it is called virtual spying when it is done with some applications. In both cases, the person does not know or aware of the perpetrator's intention, where the purpose could be abuse, harassment, etc. With spying moving from physical to virtual world, a term popularly used is stalkerware "a type of applications that abusers use to monitor and track their victims"[1]. As the number of phone users increases exponentially, these stalkerware apps are automatically installed since they are hidden inside other software applications and never give notification. For example, Cerberus, a readily available tool at Google Play, is spyware and is sold in the form of antitheft smartphone protection, which can access the geo-location, capture photos, and even record the sound [2]. Now, the stalkerware abuser can easily control the victim's movements.

The Second National Survey on technology abuse and domestic violence in Australia launched by WESNET findings stated that between 2015 and 2020, there were 99.3% domestic violence cases due to this type of technology. Another study conducted by Centre Hubertine Auclert in France showed their partners abused 21% of victims with the stalkerware apps. Nearly 69% felt intrusion into their privacy as their intimate partners easily accessed their smartphones [3]. This shows that the most common victims of this virtual abuse are the direct partners as they trust them and give them easy access to their phones[4].

How to detect stalkerware installation on your phone.

  1. Stalkerware usually runs in the background draining the battery and using mobile data.
  2. There are a set of Android features to control phone settings, read text, etc. If unfamiliar app needs permission, it's most likely the stalkerware.
  3. Regularly check browser history; if you didn't find any, abusers have wiped it all.
  4. Constant heating of the phone could also be the reason for stalkerware.

Minimizing the risk:

  1. Do not disclose the password and change regularly.
  2. The phone screen lock pattern should be kept complex.
  3. Do not give the phone to anyone or regularly check to see what happens to the phone later.
  4. Always disable the third-party installation.
  5. Several solutions are provided in cyber-security for detecting stalkerware, of which most recently "TinyCheck" detection tool developed by Kaspersky is available to fight against digital threat[5].

 

Recommended Links:

[1] https://blog.f-secure.com/what-is-stalkerware/

[2] https://www.kaspersky.com/blog/stalkerware-in-2020/39102/

[3] https://securelist.com/the-state-of-stalkerware-in-2020/100875/

[4] https://www.kaspersky.com/blog/stalkerware-in-2020/39102/

[5] https://blog.malwarebytes.com/privacy-2/2021/03/coalition-against-stalkerware-partners-tool-finds-stalkerware-in-new-way/

 

 

 

Brief Bio:

Dr. Barjinder Kaur received her PhD in Computer Science & Engineering from DCRUST, India in 2018. Her PhD work was focused on Brain-Computer-Interface (BCI) systems for biometric and emotion recognition problems using machine learning techniques. Currently, she is a post-doctoral fellow with Prof. Ali Ghorbani in Canadian Institute of Cybersecurity (CIC) at University of New Brunswick (UNB) where she is working on IoT data security and threat prediction problems.