Stalkerware emerging as prominent cyber threat in COVID-19 era, coalition warns

There is growing concern over the increasing use of surveillance software as a tool for domestic violence, stalking and other abuse. Those secretly installing the malware are sometimes none other than close acquaintances of the victims

Photo: Bigstock

Amid the increasing phenomenon of abuse, stalking, and harassment via commercially available surveillance software, a recently-formed coalition called this week for increased efforts to recognize the harmful impact of those applications, and for collective action to support and assist victims. 

The Coalition Against Stalkerware issued the statement on the occasion of the UN’s International Day for the Elimination of Violence Against Women, which fell on Wednesday. The coalition said the issue of such harmful software has high societal relevance for users all over the globe, with new variants of the malware emerging periodically. 

In its statement, the coalition said that the problem of stalkerware has been on the rise for a number of years, and cybersecurity companies are detecting a consistent increase in these harmful applications. 

Stalkerware programs enable an abuser to intrude into a person’s private life and can be used as a tool for abuse in cases of domestic violence and stalking. By installing these applications on a person’s device, abusers can get access to their victim’s messages, photos, social media, geolocation, audio or camera recordings (in some cases, this can be done in real-time). Such programs run hidden in the background, without a victim’s knowledge or consent, the coalition said. 

This week, digital security company Avast named stalkerware as one of the main cyber threats of 2020 along with COVID-19 scams, deepfakes, phishing attacks and ransomware, among others. It said the malware is typically installed secretly on mobile phones by so-called friends, jealous spouses and partners, ex-partners, and even concerned parents.

The problem of stalkerware has worsened in the COVID-19 era. According to cybersecurity company Malwarebytes, while these apps have always presented a significant threat to users, the shelter-in-place orders that began taking effect in March 2020 resulted in a dramatic uptick in usage. Malwarebytes recorded a peak increase from January 1 to June 30, finding a 780 percent increase in monitor apps detections, and a 1,677 percent increase in spyware detections, said the coalition.  

"We now understand that stalkerware is not purely a technical problem. It's not the IT part of the issue that is challenging, but the fact that we need to deal with the commercial availability of stalkerware, the lack of regulation around how it is being used and, perhaps the most difficult problem, the fact that violence against women and different forms of online abuse have been normalized," said Kristina Shingareva, Head of External Relations at Kaspersky. The cybersecurity company is one of the coalition's founding partners. 

Launched in November 2019, the Coalition Against Stalkerware that now has 26 partner organizations seeks to combine its partners’ expertise in domestic violence survivor support, digital rights advocacy, and cybersecurity to address the criminal behavior perpetrated by stalkerware and raise public awareness. Among its partners are IT security vendors, mobile security companies, privacy solutions providers, an association of technology journalists, and organizations focused on cyber safety. 

During 2020, the coalition said, its partners have raised awareness through public speeches, events, publications, research, and collecting cybersecurity vendor data on the malware.