Kaspersky Lab has upgraded its Kaspersky Internet Security for Android with Privacy Alert – a new feature that warns users if their private information is being monitored via commercially available spyware. While this kind of software is deemed to be legal, its presence is often both unwanted by and unknown to the affected user. In some cases, a program’s download page specifically states the software is intended to be used for secretly spying on the user. For this reason, Kaspersky Lab decided to introduce a special alert for such programs, enabling those affected to decide for themselves what they want to do about it.
Commercial spyware programs are background-running apps installed on phones, which can be used to monitor and track device activity. They are usually used to spy on partners or ex-partners, and there is nothing to stop people using such programs to target specific individuals for malicious purposes. This is often done without the victim’s knowledge, which is why these types of programs are commonly referred to as ‘stalkerware’. While functionality varies, it often allows the person who installed it to access their victim’s device information, SMS messages, photographs, social media conversations, geolocation data and, in certain cases, to transfer audio and camera recordings in real time.
While installing stalkerware on someone else’s device requires physical access, it can be done quickly by downloading an app onto the phone from a distributor’s website. In 2018, Kaspersky Lab products detected stalkerware programs on 58,487 unique mobile devices – proving the severity of the threat. While it seems hard to even imagine that such a blatant privacy invasion can be so common and easily accessible, stalkerware programs have been exposed and publicly criticized multiple times. Yet, in most countries their status remains vague.
Kaspersky Lab has now developed a new attention-grabbing alert that clearly notifies users of Kaspersky Internet Security for Android if such programs are found on their devices.
In addition, Kaspersky Lab researchers have looked at the wider landscape for such software. The resulting report, ‘Beware of stalkerware’, features analysis of commercially available spyware, including the most popular consumer surveillance apps. The research shows that alongside the obvious privacy invasion, such programs generally lack protection measures for the sensitive data being hijacked. For instance, five out of 10 stalkerware programs analyzed had either experienced a data breach or were found to be vulnerable to such attacks. Analysts even discovered one vendor storing victim data files on a server with a critical security vulnerability, leaving the stored data accessible to all.
The study that Kaspersky Lab researchers performed also exposes the extent of the so-called stalkerware industry. Even programs that have been shut down, or at least claim to be, continue to be marketed through official social media channels and offer franchise-like business models to buyers.
Kaspersky Lab has been flagging potentially harmful apps that are not malware – including adware and so-called legal spyware – for years, even creating a specific “not-a-virus” notification. However, as the problem of privacy abuse has increased, it decided to reevaluate how information about certain types of threats was being communicated to customers.
“We were following what some media organizations and NGOs like the Electronic Frontier Foundation were doing to enhance privacy and security for vulnerable populations around the world, and to eliminate the threat that stalkerware poses. We were inspired by their activities so much that we decided to review how our own products treat such software. As a result, we now flag commercial spyware with a specific alert which warns users of the dangers stalkerware poses. We believe users have a right to know if such a program is installed on their device. Our new alert will help them to do that and assess the risk properly,” says Alexey Firsh, Security Researcher at Kaspersky Lab.