‘Stalkerware’ apps are on the rise. Protect yourself

It looked like a calculator app. But it was actually spyware recording my every keystroke—the type of data that would give a stalker uninterrupted access to my private life. That’s what I concluded after downloading the free app Flash Keylogger on an Android smartphone this week. The app describes itself as a tool for tracking family members’ online activities based on what they type. Once it is installed from Google’s official app store, its icon can be changed to that of a calculator or calendar app. In my tests, the app documented all of my typing, including web searches, text messages, and email.

Flash Keylogger is part of a rapidly expanding group of apps known as “stalkerware”. While a few years ago these apps numbered in the hundreds, they have grown into the thousands since then. They are widely available on Google’s Play Store and, to a lesser extent, Apple’s App Store, often with innocuous names like MobileTools, Agent, and Cerberus. And they’ve become such a tool for digital domestic abuse that Apple and Google have begun to acknowledge over the past year that the apps are an issue.

From last September to May, the number of devices infected with stalkerware increased by 63%, according to a study by security firm NortonLifeLock. This month, the Federal Trade Commission said it had blocked Support King, an app-maker, from offering SpyFone, a piece of stalkerware that gained access to a victim’s location, photos and messages. This was the first restriction of its kind.

“It’s extremely offensive, it’s a huge deal and it’s linked to some of the worst abuse I’ve seen in intimate partner abuse,” said Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, a digital rights organization.

Stalkerware is a thorny issue because it resides in a gray area. There are legitimate uses for monitoring apps, such as parental control software that monitors children online to protect them from predators. But this technology becomes stalkerware when it is secretly installed on the partner’s phone to spy on the partner without consent.

Such apps are more widespread on phones running Android, the researchers said, because the more open nature of Google’s software system gives programs deeper access to device data and allows people to install whatever apps they want on their phones. Yet new stalking software targeting iPhones has also emerged.

Google said it banned apps that violated its policies, including Flash Keylogger, after being contacted about the app.

An Apple spokesperson told me about a security guide it published last year in response to the threat from these apps. He said the new stalkerware was not a vulnerability in the iPhone that could be fixed with technology if someone had access to a person’s device and passcode.

Fighting stalkerware is tough. You may not suspect that it is there. Even if you did, it can be difficult to detect because antivirus software only recently started flagging these apps as malicious.

Here’s a guide to how stalkerware works, what to look for, and what to do about it.

Types of stalkerware

Monitoring software has proliferated on computers for decades, but more recently spyware makers have shifted their focus to mobile devices. As mobile devices had access to more intimate data, including photos, real-time location, phone conversations and messages, the apps became known as stalkerware.

Different stalkerware apps collect different types of information. Some record phone calls, some log keystrokes and others track location or upload photos of a person to a remote server. But they all generally work the same way: An abuser with access to the victim’s device installs an app on the phone and disguises the software as normal software, like a calendar app.

From there, the app hides in the background, and later the abuser retrieves the data. Sometimes, the information is sent to the abuser’s email address or it can be downloaded from a website. In other scenarios, abusers who know their partner’s passcode can simply unlock the device to open the stalkerware and review the recorded data.

Self-defense steps

So what to do? The Coalition Against Stalkerware, which was founded by the Electronic Frontier Foundation and other groups, and several security firms, offered these tips:

Look for unusual behavior on your device, like a fast-draining battery. That can be a sign that a stalker app is constantly running in the background.

Scan your device. Some apps like Malwarebytes, Certo, NortonLifeLock, and Lookout can detect stalkerware. But to know for sure, take a closer look at your apps and see if there’s anything unfamiliar or suspicious. If you find a piece of stalkerware, hold off before removing it. This can be useful evidence if you decide to report the abuse to law enforcement.

Seek help. In addition to reporting stalking behavior to law enforcement, you can seek advice from resources such as the National Domestic Violence Hotline or the Safety Net Project, hosted by the National Network to End Domestic Violence.

Audit your online accounts to see which apps and devices are connected to them. On Twitter, for example, you can click the “Security and account access” button inside the Settings menu to see which devices and apps have access to your account. Log out of anything that looks shady.

Change your password and passcode. It is always safe to change passwords for important online accounts and avoid re-using passwords across sites. Try to create long, complex passwords for each account. Likewise, make sure your passcode is difficult for anyone to guess.

Enable two-factor authentication. For any online account that offers it, use two-factor authentication, which basically requires two forms of verification of your identity before you can log into an account. Let’s say you have entered your username and password for your Facebook account. That is step one. Facebook then asks you to punch in a temporary code generated by an authentication app. That’s step two. With this protection, even if an abuser finds out your password using a piece of stalkerware, they can’t log in without that code.

On iPhones, check your settings. A new stalker app, WebWatcher, uses a computer to wirelessly download a backup copy of a victim’s iPhone data, according to mobile security firm Certo. To defend yourself, open the Settings app and check the General menu to see if “iTunes Wi-Fi sync” is turned on. Disabling it will prevent WebWatcher from copying your data.

Apple said it was not considered an iPhone vulnerability because it required an attacker to be on the same Wi-Fi network and have physical access to the victim’s unlocked iPhone.

Start fresh. Buying a new phone or wiping all data from your phone to start afresh is the most effective way to rid your device of stalkerware.

Update your software. Apple and Google regularly release software updates that include security fixes that can remove stalkerware. Make sure you are running the latest software.
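
For the "scan your device" tip above, the following is an added example (not from the article or any of the tools it names) that triages output collected over adb from the owner's own Android phone, listing user-installed apps that hold an enabled accessibility service or are the active keyboard. It assumes a keystroke logger like the one described needs one of those two privileges; the sample outputs and package names are constructed.

```python
# Triage of Android state collected over adb from the device owner's own phone:
#   adb shell pm list packages -3
#   adb shell settings get secure enabled_accessibility_services
#   adb shell settings get secure default_input_method
# The outputs below are constructed samples; every package name is hypothetical.

SAMPLE_THIRD_PARTY = """\
package:com.example.chat
package:com.example.calc.tools
package:com.example.softkeys
package:com.example.podcasts
"""
SAMPLE_ACCESSIBILITY = "com.example.calc.tools/.SyncService:com.example.vendor.screenreader/.Reader"
SAMPLE_DEFAULT_IME = "com.example.softkeys/.KeyboardService"


def parse_packages(pm_output):
    """Return the set of package names from `pm list packages` output."""
    names = set()
    for line in pm_output.splitlines():
        line = line.strip()
        if line.startswith("package:"):
            names.add(line[len("package:"):])
    return names


def parse_components(value):
    """Turn a colon-separated list of pkg/Service components into package names."""
    value = value.strip()
    if not value or value == "null":  # `settings get` prints "null" when unset
        return set()
    return {c.split("/", 1)[0] for c in value.split(":") if c}


def keystroke_capable(pm_output, accessibility, default_ime):
    """Map each user-installed package to the reasons it could observe typing."""
    third_party = parse_packages(pm_output)
    findings = {}
    for pkg in parse_components(accessibility) & third_party:
        findings.setdefault(pkg, []).append("accessibility service enabled")
    for pkg in parse_components(default_ime) & third_party:
        findings.setdefault(pkg, []).append("is the active keyboard")
    return findings


if __name__ == "__main__":
    hits = keystroke_capable(SAMPLE_THIRD_PARTY, SAMPLE_ACCESSIBILITY, SAMPLE_DEFAULT_IME)
    for pkg, reasons in sorted(hits.items()):
        print(pkg, "->", ", ".join(reasons))
```

A password manager or third-party keyboard will show up too, so each hit is an app to review, not a verdict.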

Brian X. Chen, c.2021 The New York Times Company
