Reader Advisory

Some articles posted in The SlickMaster's Files may contain themes, languages, and content which may neither appropriate nor appealing to certain readers. READER DISCRETION is advised.

Friday, April 03, 2020

Newsletter: What is ‘spouseware’ and why it’s linked to domestic abuse?

03/30/2020 03:34:03 PM

Author's note: Global cybersecurity brand Kaspersky has recently exposed about 380 variants of stalkerware discovered in the past year. Turns out, these legit programs are often used as tools for domestic espionage or to spy on partners, which serves the reason they’re also touted as 'spouseware.'

In this newsletter, the top worldwide security firm discloses the story behind this coined term, and why it has been linked to cases involving domestic abuse.


*****

A stalkerware often needs to be installed manually on a victim’s phone and is done normally without permission. Once installed, a stalkerware can provide an operator (or abuser) access to their victim’s messages (SMS or messenger chats), photographs, social media, browser history, geolocation, and audio or camera recordings, which in some cases can be done in real-time. The app is concealed in the device so the person being targeted may not find out that it’s there.

Most stalkerware products formally comply with legislation but are banned for distribution through legitimate channels such as Google Play or App Store for failure to comply with ethical norms.

In 2019, Kaspersky products detected a sharp rise in stalkerware found on Windows devices. Users of Kaspersky solutions in Russia (40,912), India (18,549) and Germany (15,217) were the most affected among its subscribers worldwide.

Meanwhile in Southeast Asia, attempted to be targeted were Kaspersky users in Vietnam followed by Malaysia and Indonesia.

Stalkerware
Users affected 2018
Users affected 2019
Ranking in terms of share of
Affected users
2018
Ranking in terms of share of affected users
2019
Indonesia
3381
2,720
15
17
Malaysia
3596
4,436
13
13
Philippines
1469
1,366
33
35
Singapore
733
866
50
44
Thailand
1162
1,196
38
38
Vietnam
5937
7,216
9
9


The cybersecurity company attributes the number of detections to the improvement in detecting stalkerware through cybersecurity solutions. In April last year, Kaspersky launched a functionality in its Android security app called Privacy Alert that specifically notifies users if software that can be used for stalking is found on their device. Since then, the number of detections has steadily risen.

According to Kaspersky, the three most prolific stalkerware families detected in 2019 were the following, according to rank:

1. Monitor.AndroidOS.MobileTracker.a used to identify a free Mobile Tracker application that tracks the activity of children or employees, their location, correspondences, and calls. This app can access all files in the device, such as photos, browser history, calendar, contact and can remotely control the device.
2. Monitor.AndroidOS.Cerberus.a positioned as an anti-theft app. Cerberus allows a stalker to work in “hidden’ mode and prevent it from being deleted. This app tracks the location of the device, takes pictures and screenshots from the camera and records audio from the microphone.
3. Monitor.AndroidOS.Nidb.a which is a group of similar applications under the names iSpyoo, TheTruthSpy and Copy9. These are promoted as apps to spy on a partner.

Almost all stalkerware apps are designed to monitor victims’ actions, including keyboard activity, making it extremely effective in stealing information which the user is typing online, via keylogging tactics.

Purchasing a stalkerware or spouseware is cheap and easy. It sometimes costs as little as $7 (or 350 pesos) a month and it can stay hidden on a victim’s device unnoticed for a long time, making it an affordable way of monitoring someone’s movement.

If the stalkerware is deleted from the device, the abuser will know immediately and this usually results in a minor escalation of the conflict to physical violence. Such cases have been witnessed by nonprofit organizations working with victims of domestic abuse.

Generally considered a legal software in most countries, cybersecurity companies cannot easily regard it as malicious and removed when found. Other security solutions even mark it as not-a-virus or something similar so a user may perceive it as a harmless software when it’s definitely not.

The seriousness of stalkerware use has prompted Kaspersky to link arms with fellow IT security companies, advocacy groups, and law enforcement agencies to form the Coalition Against Stalkerware for the creation of a consensus-based definition and standard criteria for stalkerware detection.

The Coalition has also launched a website, www.stopstalkerware.org, to provide helpful tips on how to find out if there’s stalkerware on your device and what to do about it. It also provides contacts that deal with domestic violence to reach out to and can help prevent or mitigate the damage.

“The formal legal status of stalkerware and how it’s being used to inflict damage is alarming for us and our industry. It clearly raises significant safety and privacy concerns. But we are positive that more partners will come in as we strive to help prevent cyberstalking, intimate partner violence through data and collaboration. We will continue to actively contribute to this endeavor of helping victims of technology-facilitated domestic abuse and eventually making it illegal to spy on other people without their knowledge,” said Yeo Siang Tiong, general manager for Kaspersky Southeast Asia.

‘With modern consumer surveillance technology, stalking has gone digital. With the majority of women being victimized through the use of stalkerware, I feel sorry for this situation being a woman myself. But this initiative by the Coalition with their relentless efforts to educate the public and governments to push for changes so that everyone’s privacy will be protected,” said Mary Grace Sotayco, Kaspersky territory manager for the Philippines. 


To avoid being monitored by stalkers, Kaspersky recommends:

1. Keep your password private. Never disclose the password of your mobile device, even if it is with someone you trust.
2. Check your phone programs & block installation from unknown sources. Find out if suspicious programs were installed on your phone without your consent. And block unknown sources from installing programs to your smartphone settings.
3. Never store unfamiliar files or applications on your device, as this could harm your privacy.
4. Change your mobile security settings. An ex may try to acquire your personal information to manipulate you.
5. Get a reliable security solution. Use security solutions like Kaspersky Internet Security that notifies you of the presence of commercial spyware programs that aims at invading your privacy on your phone.
6. Seek professional help. If you think you are a subject of stalking and need help, contact a relevant organization for professional help.

Author: slickmaster | © 2020 The SlickMaster's Files

No comments:

Post a Comment

Feel free to make a comment as long as it is within the bounds of the issue, and as long as you do it with decency. Thanks!