Contents:
According to a new study, Android stalker and spyware detection suddenly increased by 48% in the past year. The research showed multiple security and privacy problems that could lead to a threat actor taking control of a potential victims’ device.
One of the problems is that the sellers do not seem to have any interest in addressing the flaws discovered in their products.
This week, an important internet security company researcher made public telemetry data focused on Android stalkerware detection, disclosing that utilization of these shady applications started to ascend two years ago, with a five-fold growth announced when compared to 2018. The research also shows 48% more Android stalkerware detections in 2020 than in 2019.
What is stalkerware?
The Coalition Against Stalkerware defines it as being any tool (software programs, apps, and devices) that allow someone to secretly spy on another individual’s private business through their mobile device.
The snooper can surveil from the distance the whole device including web searches, geolocation, text messages, photos, voice calls, and much more. Such programs are easy to purchase and install. Furthermore, the data collected by these apps are sent to an operator.
They operate concealed in the background, without the affected person knowing or giving their consent. Regardless of stalkerware’s availability, the abuser is accountable for using it as a tool and hence for committing this crime.
Installing software to monitor someone’s activity without them knowing isn’t just a bad idea, but it exposes them to danger. The apps hide all sorts of malicious code, and there is a possibility that they can steal private information and financial data.
While many of these apps are advertised as a manner to keep an eye on your children for their protection, the harmful character of these apps is thought to make them unethical.
According to the cybersecurity researcher, many sellers promoted their products as a way to keep safe not only children but also workers and women and do not seem to care about the flaws discovered in their products.
If nothing else, stalkerware apps encourage clearly ethically questionable behavior, leading most mobile security solutions to flag them as undesirable or harmful.
However, given that these apps access, gather, store, and transmit more information than any other app their victims have installed, we were interested in how well these apps protected that amount of especially sensitive data.
During its research, the cybersecurity firm discovered more than 150 security vulnerabilities in 58 Android stalkerware apps.
The biggest problems identified during the research included:
- Unstable data transmission
- Saving private data on external media
- Exposure to sensitive user information
- Server leak of stalker information
- Unauthorized data transmission from device to server
In many situations, the vulnerability also affected the security of the sellers themselves and their stalker clients.
The impacted sellers have been informed of the bugs with a majority of 44 of them not responding at all. Only six developers have fixed their software while seven have promised to patch soon.