58 Stalkerware Apps

Spouseware. Nope! Not the term used when your spouse troubles you!

It is a mobile monitoring software, also known as mobile stalkerware. This is installed by the stalker onto a victim’s phone without their knowledge. A stalker usually requires to have physical access to the victim’s device.

Due to this, the stalker is usually a very close friend or family member. These apps have the ability to track GPS location, conversations, images, and browser history of a victim. Due to the volume of data amassed by these apps and transmitted to the stalker, a study was conducted to analyse how these apps protect the data they track.

Stalkerware apps are usually flagged once identified. To stay hidden and lay low, these are usually disguised as an app claiming to protect women and children, however, these apps do not shy away from using the word “shy” on their websites.

Fig 1. Example of a stalkerware app disguised as an app offering protection

A group of researchers analyzed 86 stalkerware apps for Android, provided by 86 different vendors. The analysis identified several serious security and privacy issues.

The security issues ranged from an attacker taking control of the victim’s device, taking over the stalker’s account, intercepting the victim’s data, framing the victim by uploading fabricated and duplicated evidence.

These issues were reported to the vendors. However, very few vendors had taken the effort to fix these issues. Several vendors did not respond to these analyses.

Below is the list of issues identified.

Also Read

‘FluBot’ Malware Delivery Via SMS Texts Targets Android Devices

New Advanced Android Malware Poses as “System Update” to Steal Messages, Images and Taking Control of Android Phones

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.