We usually catalog the types of malicious code in circulation with terms that describe the nature of their malicious action. Not just malware, but also spyware, adware, ransomware, Trojans and so on. To the list we add a name perhaps less used, but already in itself quite clear: stalkerware. A problem that concerns the Android world and that required active intervention by Google.
Play Store and stalkerware: deleted apps
The Mountain View group has eliminated seven applications from Play Store up until a few days ago, distributed in the light of day, from the official platform of the operating system. He did so following a public report by Avast.
The software, for functions and dynamics similar to spyware, allowed users to spy on the devices of partners or employees, collecting and sending information remotely about travel, calls made, messages exchanged, photographs taken and so on. A behavior considered by bigG not in line with the policies of the Android world. These are the apps that are the subject of the cancellation.
- Track Employees Check Work Phone Online Spy Free;
- Spy Kids Tracker;
- Phone Cell Tracker;
- Mobile Tracking;
- Spy Tracker;
- SMS Tracker;
- Employee Work Spy.
As can be guessed from the names, they were distributed in the form of tools for parental control (to keep children under control) or to monitor the activity of employees in the workplace. In the descriptions and reviews, however, there are many references to a job to spy on partners, engaged couples and spouses, current or former. Here are the words of Nikolaos Chrysaidos, number one of the Mobile Threat Intelligence and Security team for Avast.
These applications are not ethical and are problematic for people’s privacy, they should not be hosted by Google’s Play Store because they promote criminal behavior: employers, intrusive partners or stalkers could abuse it. Some of the apps are offered as parental controls, but from the descriptions a different picture emerges, telling users that they can use them to “keep an eye on traitors”.
To work the apps had to be installed on the victim’s smartphone, so it was necessary to physically access them. Then they acted in the background, without even showing an icon, so that they could not be easily identified.
A study conducted last year by IPV Tech Research states that it is not easy to understand if a stalkerware has been installed on your device, since most of the security tools do not label these apps as harmful. Avast does this by showing a warning to the user. In April Kaspersky stated that they will start doing so in the future. Symantec, Malwarebytes and Lookout will follow. The common goal is to also remove this form of threat to privacy that affects the mobile universe.