The increase in people working from home has unfortunately led to an increase in companies remotely monitoring employees using software.
But it’s not just your boss. Anyone can monitor others using a type of software known as stalkerware. In our 2021 survey on remote work surveillance, we found that while 83% of employers think that there are ethical concerns with employee monitoring, 73% of them still use monitoring software.
What is stalkerware?
Stalkerware is a form of commercially available spyware that lets you monitor people you have a personal relationship. While stalkerware is most commonly used for monitoring employees, there are those who use it to spy on spouses or intimate partners.
Stalkerware use is increasing and it’s going mobile: In 2021, cybersecurity service Malwarebytes revealed that stalkerware detections hit an all-time high for smartphones with 54,677 alerts reported.
The main difference between stalkerware and spyware is that stalkerware is generally used by individuals while spyware is used by government and law enforcement agencies.
Stalkerware isn’t just unethical, it’s also just plain creepy. In this post, we explain the different types of stalkerware, how they work, and how to protect yourself from such apps.
Types of stalkerware apps and their common functionalities
Cybersecurity experts have not provided exact names for different types of stalkerware apps. However, they can be sorted by the types of information collected.
Apps that monitor communications
This class of stalkerware is designed to record phone calls and log keystrokes of every message and email you send.
Apps that track location
An app may keep track of GPS coordinates or guess your location based on the Wi-Fi networks you connect to. Location data can reveal a lot of information about a person and their habits. When paired with other information, location data could help any hacker or stalker piece a better picture of their victim. For example, a vindictive person could install stalkerware on their ex’s phone to monitor their whereabouts and find out fresh details about their lives.
Apps that steal files and intimate data
These apps watch your devices for any changes and transmit them to a server the stalker can access.This is particularly dangerous if a victim has sensitive data including photographs, video, and other types of recordings that could be implicate them.
Two of the most popular stalkerware apps, Cerberus and Reptillicus, operate in stealth mode. They allow users to read messages from third-party messengers like WhatsApp and Telegram, text messages, and view photos and videos in media galleries. Some stalkerware apps allow users to track calendar events, take screenshots, access contact lists, and even take front camera photos.
Here’s a look at some of the common stalkerware apps and the amount of users they’ve affected globally:
|Number of affected users globally
|Track My Phones
How to detect and remove stalkerware apps on your mobile devices
Smartphones tend to be victims of stalkerware apps mainly because they’re easier to access, and people generally take their smartphones with them everywhere they go. The amount of data collected from a smartphone alone is far more valuable than data from a PC or laptop.
Signs of stalkerware
There are several signs that you may have stalkerware on your smartphone, such as:
- Your smartphone behaving strangely after leaving it unattended
- Unusual processes running in your task or app managers
- Your battery depleting faster than usual
- Unusually high data usage on your smartphone
- Your device might unexpectedly reboot or restart
- Your device is heating up faster than usual or is overheating in general
- Your smartphone might also light up when in standby mode
- Altered permissions on apps and services
Identify and remove stalkerware apps on iOS
Scan for unfamiliar apps
One of the best ways to determine if there are stalkerware on your phone is to manually check for unfamiliar apps. If you don’t remember installing an app, it might be worth clicking on it and checking the app yourself. If you’re still unsure if an app is stalkerware, you could always search for its name online and get more information.
Check for unknown configuration profiles
To check for these configuration profiles, head to Settings > General > VPN & Device Management. If you spot a profile, you can click on it and find out what it does and delete it, if necessary.
Search for signs of a jailbreak
While it’s difficult for anyone to install stalkerware on iPhones because of app limitations set by Apple, it’s still possible if a hacker is able to jailbreak a phone and install stalkerware. The best way to check if your phone has been jailbroken is to manually check for apps that are unusual. Another sign that your phone has been jailbroken is if you’ve got an alternative app store called Cydia instead of Apple’s official App Store.
Perform a privacy audit
Some Apple data sharing features like Family Sharing, Find Me, and Shared Albums run the risk of being taken advantage of by malicious individuals. To protect its consumers, Apple has published a privacy checklist that consumers can follow to perform privacy audits.
Lock down iCloud
If you suspect that your phone has been tampered with, it’s best to reset your iCloud password to protect any sensitive data you might have. Additionally, you’ll want to enable two-factor authentication (2FA) for your Apple ID, too.
Identify and remove stalkerware apps on Android
Run Google Play Protect
Google’s Play Protect is a service that runs safety checks on apps downloaded from the Google Play Store before they’re downloaded onto your phone. The service also checks your device for potentially harmful apps.
Check the accessibility services on your phone
Stalkerware apps rely on access to your camera, microphone, and certain folders to do their jobs well. You can check if your phone has stalkerware apps by heading to the Accessibility settings on your device and see which apps have access to certain functions.
See if a device administrator has been installed
Device administration access is assigned to some pre-installed applications on Android devices, this sort of access allows apps to write, erase, and transfer data from the device if it’s stolen or goes missing. Stalkerware apps require access to these administration settings to be able to write and transfer data from one device to another.
Manually run checks on apps
A great way to make sure you know all the apps you’ve downloaded is to check through them individually. Most stalkerware apps don’t appear on the homescreen of smartphones but they might still appear on the device’s wider app list.
Ways to protect yourself against stalkerware
There are several simple ways to protect yourself against stalkerware:
- Be on the lookout for unusual behavior on your device including faster battery drain or a sudden increase in data consumption.
- Change all of your passwords and enable multi-factor authentication on devices that you trust.
- Don’t leave your smartphone or other devices unattended.
- Make it a point to check through apps on your phone periodically and remove unnecessary apps.
- Ensure that your operating system and apps are up to date so any known vulnerabilities are patched.
- As a last resort, back up all of your data and perform a factory reset on your device to start afresh. Keep in mind that with a fresh install/factory reset of your device’s operating system, you should take care to only install essential apps.
FAQ: About stalkerware apps
Can stalkerware be installed remotely?
Yes. However, it might be difficult to do so on smartphones and you’ll need physical access to the device. Stalkerware can be installed remotely on a laptop or PC through techniques like email phishing.
Is stalkerware illegal?
Currently, no. Many types of stalkerware are marketed as surveillance apps for children and pets, which makes it difficult to determine legitimate apps from ones that could be malicious.
How can you tell if your phone is being monitored by someone else?
There are several ways to tell if your phone is being monitored. Here are some signs:
– Your device behaves strangely after being left unattended
– Battery of your device is draining fast
– Your device gets warm quickly
– You’re experiencing unusually high data usage on your device
– You noticed altered permissions to apps and settings
Does a factory reset remove stalkerware?
Yes, a factory reset does remove the offending app from a device. However, you’ll want to back up the rest of your data onto a cloud because a factory reset also removes other data with it.
Privacy should be a choice. Choose ExpressVPN.
30-day money-back guarantee