From January to August, more than 37 000 users, “Kaspersky Lab” around the world are faced with spying on them through stalker software, reported in the company’s report. Russia is the leader in the number of users that are monitored using such software: in 2018 there were 4,500 of them, in 2019 their number more than doubled – about 10,000.
The reasons for this growth may be the emergence of a new stalker software (in 2019, 380 of its options were recorded – almost a third more than last year), and the improvement of the cyber defense system that catches such programs for the Android platform.
This kind of software is developed mainly for smartphones, says ESET security expert Lucas Stefanko: it is manually installed on the victim’s device by someone from his environment. The application offers the person who installed it to enter their email address and get the password for the application, explains Avast Tech Bochok, senior Avast software engineer. The capabilities of stalker software, Bochok continues, may vary: it is mainly able to track location, collect contacts, track sms and call history, read notifications, and also collect WhatsApp and Viber correspondence if the stalker has administrator rights.
Most manufacturers of stalker software position it as programs to help parents (“parental control”) and employers (“employee monitoring”), that is, as useful and not malicious software, says a Dr. Web Maxim Yakushev. According to him, if the user is warned and formally agrees to the installation of such a program, monitoring does not contradict the laws and that is what developers are focusing on, taking responsibility off, says Yakushev. Such software in Russia is specially certified by the FSTEC and the FSB, as it inevitably stores and processes personal or even classified data, says SurfInform lead analyst Alexei Parfentiev. Malicious applications techniques are often used to create such software, Bochk notes: they require wide access to the operating system.
To install monitoring software in companies, you must have administrator rights, says Parfentiev. The data that companies collect about employees is often stored on servers, and data from a wide range of users is stored in cloud storage, he explains.
Parfentiev notes that Russia has developed a strong industry of information security and there is a specialized class of systems – DLP (Data Loss Prevention). “If you take any market research, you will find many positive reviews about DLP systems of domestic production,” he says.
In July this year, Avast researchers found seven apps on the Google Play Store that let you keep track of colleagues and relatives, says Bochk. According to him, among these applications were Spy Tracker, Employee Work Spy and SMS Tracker at Google – the company promptly removed all applications from the Google Play Store. According to Avast, these applications have been downloaded a total of more than 130,000 times, most often installed Spy Tracker and SMS Tracker – more than 50,000 times. In general, Bochk concludes, such programs should not appear in official application stores, as employers, jealous spouses, or intruders can abuse them.