Increasingly, we are using technology to perform everyday tasks like banking, shopping, socializing, and, in cases of domestic abuse, monitoring individuals without their consent — or with their “permission” through coercion.
Through technology, it is possible to stalk someone with little effort. This can involve anything from sleuthing to find out information about your Tinder date to checking a potential work candidate’s social profiles to planting spyware on your partner’s phone.
In short, technology has provided new avenues for stalking to take place.
Recorded cases of spyware and stalkerware have dropped in number in recent years — only to be replaced with mobile applications that can be difficult to detect and remove, covert cameras, and item trackers.
Spyware and stalkerware
Spyware is usually generic and is rarely personal. For the cybercriminals who develop these forms of malicious software, it’s about grabbing personal data like financial account details to conduct theft and fraud.
Stalkerware has a different nature. Deployed to actively monitor an individual through their mobile device, stalkerware apps can be used to track spouses, exes, children, and even employees on their work devices.
Stalkerware capabilities can include tracking a location through GPS, eavesdropping on calls and social media conversations, stealing logs, monitoring browser activity, and compromising a device’s camera and microphone to listen/take photos of a real-world environment.
In order to install stalkerware apps, physical access to the smartphone is most commonly required. That doesn’t mean a lot of time is needed, however, and stalkerware apps can be installed while the victim visits the bathroom or makes a meal.
Once installed, these apps run quietly in the background and can be extremely difficult to detect. Some of the warning signs can be a hot battery and/or a quickly-draining battery. For more information on the signs to watch out for, check out this guide.
An insidious threat
David Emm, Principal Security Researcher of Global Research & Analysis Team at Kaspersky, calls stalkerware an “insidious threat.”
“Traditionally, it would have been wholly a real-world phenomenon,” Emm told ZDNet. “Now, we have to see stalkerware within [an] overall context of abuse, but it is the technological tip of the iceberg.”
In 2020 and 2021, Kaspersky detected tens of thousands of cases of stalkerware being installed on smartphones. Rates have lowered slightly, although according to the researcher, these numbers may have been skewered due to COVID-19. After all, there is little point in installing stalkerware if the person you are abusing is locked down with you.
However, on the flip side, constant, close proximity caused by lockdowns and stay-at-home orders may have also made it easier to put this form of malicious software on a device.
Emm says that the broader trajectory in terms of stalkerware installations is upward, and it is likely that reported numbers are a “gross underestimate.”
“The scale of the problem is bigger than it seems,” he told us.
Culture and acceptance
The issue of stalkerware may also have a cultural element. With surveillance so entrenched in modern societies, it’s also spilling out into our private lives.
A study conducted by Kaspersky last year also revealed a startling trend: over one-in-ten UK respondents (11%) believe it is acceptable to track and stalk their partners without consent. This rate of acceptance increased to 76% when the respondents believed their partners were cheating on them.
In total, 27% of UK adults have experienced domestic abuse committed by a partner, according to the company. The average rate in Europe is 21%, and the UK is only secondary to the Czech Republic at 29%.
When it comes to digital stalking and abuse, 15% of those surveyed said they believed this has happened to them — and 44% of them said this was through a smartphone application.
“People might not necessarily consider themselves to be a stalker when digitally prying, unlike in the old days, when you would have to follow someone, read a diary, and speak to family or friends about what they’re up to,” Emm noted. “The ease of doing it might take some of the realization away that such behavior is wrong.”
In general, stalkerware is far more common on Android handsets than on iPhones. This doesn’t mean that iOS users are protected, however, as other forms of tech are bridging the gap.
Tracking through tags
Tracker devices, such as Apple’s AirTag and Tile, were designed to make our daily lives easier. Lost your keys? No problem; ping the small tracker and it will give you the location of your misplaced items.
However, these innovative products come with a new avenue for exploitation and abuse.
Due to their size and affordability, trackers can be tucked away in the bottom of a bag, sewn into a coat lining, hidden in or affixed to a car, and more. This means that an individual’s movements can be tracked without them knowing.
Across social media, including Reddit and TikTok, individuals have reported cases where they believe trackers are being used to monitor them or as a tool for car theft. However, other reports also mention “Unknown Accessory Detected” alerts, which could be related to products other than AirTags. If you see this notification, it does not necessarily mean an AirTag is responsible.
According to the cybersecurity researcher, trackers are an example of technological solutions to solve a problem — with downsides identified down the line.
“The security aspects are dealt with retrospectively,” Emm commented. “They probably were not top of mind when those particular features were created.”
The Coalition Against Stalkerware
The Coalition Against Stalkerware is an alliance of companies including Kaspersky, EFF, Malwarebytes, Avira, the Tor Project, and F-Secure that are working together to tackle the use of technology to facilitate domestic abuse.
Emm told ZDNet that one of the group’s latest projects, TinyCheck, is receiving growing interest from organizations like Interpol as a means to clamp down on stalkerware.
TinyCheck is an open source initiative for law enforcement and security companies to capture network activity for analysis. When it comes to stalkerware-infected devices, TinyCheck can be used to pick up outgoing connections and to create an activity log without the operator knowing. This could potentially record the data necessary for a case to be built against them.
How to combat technological stalking
TinyCheck isn’t an option for general users, so what should you do if you suspect you’re being stalked?
When it comes to handsets, the first thing to do is check your list of applications and see if there are any programs you do not recognize. However, this doesn’t mean you should rush and delete them. Not only could this place you in danger, as your abuser will be notified, but this could also destroy the evidence of abuse law enforcement needs to prosecute.
If possible, it could be worth obtaining a burner device for conversations and phone calls you do not want to be monitored. Most importantly, turn to local authorities and domestic abuse services for help and support.
The Coalition against Stalkerware has further advice, which can be accessed here.
Tracking devices can be more complicated to deal with. In light of the privacy concerns raised, Tile will soon roll out a scanning feature on the Tile app to check for nearby devices — even if you do not have a tile yourself. But finding a Tile currently can be a difficult prospect.
“Tile will continue to seek guidance from advocacy organizations on the development of future iterations of this feature that will further enhance user safety,” the company says. “Tile will also provide resources and information to victims about how to stay safe if they suspect they are being tracked.”
Apple has released Tracker Detect, an app for Android that is compatible with Apple’s Find My network. This app can be used to perform local Bluetooth scans to try and find these kinds of devices.
AirTags will sound an alert when separated from their hub device for a period of time of between eight and 24 hours, and iOS device users (14.5+) will receive a notification that one is nearby. If you believe it is not a lost AirTag and is actually being used to track you, try to remove the battery (only if you can do so safely), but do not throw away the device. Apple and law enforcement can use the product and its serial number to potentially hunt down the owner. You can now also disable devices when they are not attached to your Apple ID.
Apple has provided a guide for these situations. The iPad and iPhone maker says:
“AirTag and the Find My network have also been designed to discourage unwanted tracking. To discourage tracking without your knowledge, Find My will notify you if an unknown AirTag or other Find My network accessory is seen moving with you over time.
An AirTag that isn’t with the person who registered it for an extended period of time will also play a sound when moved so you can find it, even if you don’t use an iOS device.”
According to Emm, the best overall solution is education.
“People just [need to be] knowledgable,” he commented. “I think we all need to get used to how vital these mobile devices are and, therefore, how important it is to protect them.”
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0