Security News

Do these three things to keep stalkerware at bay

Grace Roberts, 8 July 2020

Use of this unethical tracking software has surged during lockdown, but here’s how you can protect yourself

Compared to January and February this year, before lockdown measures took effect, March through June saw a surge in the use of stalkerware, an insidious kind of software that allows users to track both the physical and digital moves of others, sometimes accessing photos, videos, and emails, sometimes even tapping into their WhatsApp and Facebook accounts. 

It’s a sad truth that domestic violence incidents have increased since stay-at-home orders were issued, but that abusive behavior seems to have carried over into the digital world as well. Avast Threat Labs observed a 51% increase in spyware and stalkerware from March through June, in comparison to the first two months of the year. 

“Stalkerware is a growing category of domestic malware with disturbing and dangerous implications,” said Jaya Baloo, Avast CISO. “It steals the physical and online freedom of the victim. Usually installed secretly on mobile phones by so-called friends, jealous spouses, ex-partners, and even concerned parents, stalkerware tracks the physical location of the victim, monitors sites visited on the internet, text messages, and phone calls.”

Chart for Marina

The increase in connected devices and the availability of stealthy spy- and stalkerware apps are another way for abusers to exert control over their victims who have been unable to leave their home due to coronavirus preventative measures, according to Erica Olsen, Safety Net project director for the National Network to end Domestic Violence (NNEDV), a social change organization dedicated to creating a social, political, and economic environment in which violence against women no longer exists.

“Stalkerware, which is designed to operate in stealth mode with no persistent notification to the user of the device, gives abusers and stalkers a robust and invasive tool to perpetrate harassment, monitoring, stalking, and abuse,” said Olsen. “This can be terrifying and traumatizing for the person. During this public health crisis, there have been several reports documenting the increased detection of stalkerware, which could be indicative of increased access to personal devices during lockdown or stay-at-home orders. It could also be reflective of an abuser increasing or changing their tactic if the victim is now actually out of the house more often, if they are an essential worker in healthcare, for example.”

Since March 2020, Avast has protected over 40,000 users from such malware across the globe. In order to mitigate against the threat of stalkerware, we’re providing the following simple, actionable steps:

Rule #1: Secure your phone against all unauthorized physical access

Use the lock screen on your device. It takes less than a minute to install a stalkerware app, and, according to Pew Research, more than 25% of mobile users fail to use lock-screen protection on their smartphones. That kind of easy access helps suspicious partners to install stalkerware without being noticed. Do not lend your unlocked phone to anyone unless you fully trust their intentions.

Rule #2: Install a trusted antivirus on your mobile phone

A good mobile antivirus will treat stalkerware as a PUP – potentially unwanted program – and give you the option to remove it. Avast Mobile Security keeps your mobile device secure from stalkerware in addition to other malware and potentially malicious apps. Avast worked with Google to remove eight of the biggest stalking apps from the Play Store last year, and we are continuing this work as new developments in stalkerware arise.

Rule #3: Look for hotlines and victims’ services providers.

However, if you don’t feel safe, trust your instincts. If you need to source help and support fast – you should not hesitate to seek it. Organizations such as Operation Safe Escape can help.

Operation Safe Escape is a victim support organization that provides valuable support and education for victims of domestic violence and abuse, and can help with issues of personal, physical and digital safety. If it’s possible your device has been compromised by stalkerware, avoid using it to contact support. If you are able, use an anonymous device such as a library computer or a friend’s phone in order to avoid alerting the stalker.

“Across the globe, it’s been reported that the number of domestic violence cases have consistently increased during lockdown,” added Baloo, “and that tallies with what we’re seeing. We’re committed to doing all that we can to protect our users from this rising threat.”