The “disturbing and dangerous” use of malware to track the activity of an unknowing victim, known as stalkerware, has increased rapidly in 2020.
Avast listed stalkerware as one of the biggest cyber threats of 2020 in a recent report after finding a 51 per cent increase in use of the technology from March to June this year, compared to the first two months of the year.
Across the whole year, the cyber security company has detected 647,000 spyware and stalkerware attacks, with more than 6,200 of these in Australia.
Stalkerware can be installed secretly on a victim’s phone in the form of a seemingly innocuous app, which then relays private information back to the abuser, such as the victim’s location, photos, texts and calls history.
Despite commonly being marketed as a way for parents to keep tabs on their children, stalkerware has been seen to be used as a weapon against those experiencing intimate partner violence, leading to psychological, emotional and physical harm.
The Avast report found that the increased usage of stalkerware paralleled with COVID-19 lockdowns around the world, and was used by “so-called friends, jealous spouses and partners, ex-partners and even concerned parents, and tracks the physical location of the victim, monitors sites visited on the internet, text messages and phone calls”.
The report found the usage of the technology peaked in April with about 11,000 attacks detected, and has remained steadily above 10,000 in the months since.
National Network to End Domestic Violence Safety Net project director Erica Olsen said in July there are a number of reasons why stalkerware usage may have increased this year.
“Stalkerware, which is designed to operate in stealth mode with no persistent notification to the user of the device, gives abusers and stalkers a robust and invasive tool to perpetrate harassment and monitoring. and stalkers a robust and invasive tool to perpetrate harassment, monitoring, stalking and abuse,” Olsen said.
“This can be terrifying and traumatising for the person. During this public health crisis, there have been several reports documenting the increased detection of stalkerware, which could be indicative of increased access to personal devices during lockdown or stay-at-home orders.
“It could also be reflective of an abuser increasing or changing their tactic if the victim is now actually out of the house more often, if they are an essential worker in healthcare, for example.”
According to Malwarebytes, stalkerware can often mimic the appearance of other apps, such as anti-theft tools, but can act as powerful surveillance tools for the abusers.
In August, Google moved to ban these stalkerware apps from advertising on its platform, applying to any app with the “express purpose of tracking or monitoring another person or their activities without their authorisation”.
The company did however provide an exemption for “products or services designed for parents to track or monitor their underage children”.
But as TechCrunch reported, many stalkerware products are still evading Google’s ad ban, with Malwarebytes labelling it as incomplete as the “line between stalkerware-type applications and parental monitoring applications can be blurred”.
Potential signs that a phone has had stalkerware installed on it include fast battery drain, longer than usual shutdown times and longer response times in general.
Users should be aware if their phone is warm even when not in use, and if data usage has increased without explanation.
