Malware is bad, but now we have a new threat to contend with. Ladies and gentlemen, let’s talk about stalkerware.
Security specialists at Avast have identified 7 apps on the Google Play Store that allowed people to stalk others
In a recent blog post, Avast announced that it had discovered seven apps available on the Google Play Store that enabled users to stalk other people. The apps work by sharing the victims live location, collecting their contact list, and monitoring their SMS and call history. This made it possible to stalk work employees or colleagues, romantic partners or, perhaps worst of all, children. According to Avast, all seven apps were likely designed by a Russian developer.
Stalking apps in @GooglePlay. Four apps, the same developer. Install it to your employee/kid etc and track the location, collect contacts, SMS & call history. If the phone is rooted you can also collect WhatsApp/Viber messages.
Those shouldn’t exist on Google Play. pic.twitter.com/aYsm72Ldl8
— Nikolaos Chrysaidos (@virqdroid) July 16, 2019
Before publishing the blog post, Avast first notified Google of the seven malicious apps and the internet giant has since removed them all from the Play Store. Unfortunately, however, they’d been downloaded over 130,000 times before Google was able to remove them. You can see the names of the seven apps below:
- Track Employees Check Work Phone Online Spy Free
- Spy Kids Tracker
- Phone Cell Tracker
- Mobile Tracking
- Spy Tracker
- SMS Tracker
- Employee Work Spy
Each of the apps first required the stalker to gain access to the victim’s phone. They’d then install the apps on the phone before following instructions that would show them how to hide the apps so that the victim wouldn’t know they were there.
The stalker would then email themselves a link and use it to install the spying app onto his or her own phone. From then on, the stalker would be able to keep tabs on the victim, and even be able to view their location on a map.
Avast’s head of mobile threat intelligence, Nikolaos Chrysaidos, had this to say of the new type of malware threat, “These apps are highly unethical and problematic for people’s privacy and shouldn’t be on the Google Play Store… They promote criminal behavior, and can be abused by employers, stalkers or abusive partners to spy on their victims. We classify such apps as stalkerware, and using apklab.io we can identify such apps quickly, and collaborate with Google to get them removed.”
These apps offer an insight into a worrying new digital threat that we need to be aware of. Protect your phone with a rigorous password as well as any biometric security measures your phone may offer. Don’t give it to anybody you can’t trust. We’ve also reached out to Chrysaidos to see about how to make sure nobody has installed these apps on your phone.