Avast, a global leader in digital security and privacy products, has found that globally, there has been a 51% increase in the use of spy and stalker were since the lockdown in March until June, in comparison to January and February 2020. In India, since March Avast has protected over 4,000 users from apps capable of spying, mostly stalkerware, with the monthly average up 20% vs. the first two months of the year. Stalkerware is an unethical software that allows people to track someone’s location, access their personal photos and videos, intercept emails, texts and app communications such as WhatsApp and Facebook, as well as eavesdrop on phone calls and make covert recordings of conversations over the internet, without the target’s knowledge.
It is notable that among the entire range of spy and stalkerware, Avast has also observed a number of COVID-19-related apps designed to spy on users, which collected more information about its users than required to function.
Avast threat analysts have found three stalkerware apps in India that are named after India’s official Covid-19 app, Aarogya Setu, and use an icon looking like, or reminding of the official app’s icon. When downloaded, the official Aarogya Setu app gets installed along with the stalkerware app. The stalkerware apps use the original app to get approval from the user to allow the collection of sensitive information. To spy on the user, it then uses the AcessibilityService of Android to get various permissions and have the ability to – make phone calls, get SIM serial number, read contacts, read phone state, read and send text messages, record calls/audio, queries call log, access device location and ID. The apps can also hide their icon, making it hard for the victim to notice; also has the capability to mute the ringer.
Jaya Baloo, CISO, Avast said, “Stalkerware is a growing category of domestic malware with disturbing and dangerous implications. While spyware and infostealers seek to steal personal data, stalkerware is different: it steals the physical and online freedom of the victim. Usually installed secretly on mobile phones by so-called friends, jealous spouses, ex-partners, and even concerned parents, stalkerware tracks the physical location of the victim, monitors sites visited on the internet, text messages and phone calls, undermining a person’s individual liberty and online freedom.”
Avast has protected over 43,000 users globally from such malware since March 2020. Country specific data indicates 3,531 users have been targeted in the United States, 1,648 in France, and 3,048 in Brazil.
This growing digital threat identified by Avast is set against a backdrop of an increase in domestic violence during lockdown, called a “shadow epidemic” of the coronavirus by Phumzile Mlambo-Ngcuka, Executive Director of UN Women.
“Across the globe, it’s been reported that the number of domestic violence cases have consistently increased during lockdown, and that tallies with what we’re seeing in this digital threat. We’re committed to doing all that we can to protect our users from this rising threat.” Jaya added.
India’s National Commission for Women (NCW) has seen a more than two-fold rise in gender-based violence during the lockdown in India. Between 23 March and 16 April NCW registered 587 domestic violence complaints, a 45% increase from the previous 25 days. The Childline India helpline received more than 92,000 calls between 20–31 March, the start of India’s lockdown, asking for protection from abuse and violence.
In order to mitigate against the threat of stalkerware, the Avast team have provided some simple, actionable steps:
Rule #1: Secure your phone against all unauthorised physical access.
Smartphones are often left unprotected by their users. According to Pew Research, over a quarter of mobile users have no lock-screen protection on their smartphones whatsoever, and just over half use neither thumbprints nor PIN codes to keep their devices private. This makes it simple for a suspicious partner to secretly install stalkerware without being noticed. Equally, do not lend your unlocked phone to anyone unless you fully trust their intentions. It can take less than a minute to install a stalkerware app on a device.
Rule #2: Install a good, mainstream antivirus product on your mobile phone.
A good mobile antivirus will treat stalkerware as a PUP – a potentially unwanted programme – and give you the option to remove it. A mobile security product such as Avast Mobile Security will keep your mobile device secure from stalkerware in addition to other malware and potentially malicious apps. Avast worked with Google to remove eight of the biggest stalking apps from the Play Store last year. We are continuing this work as new developments in stalkerware arise, helping to keep users and devices one step ahead of the threats.
Rule #3: Do not hesitate to contact Operation Safe Escape by a safe means.
However, if you are already in an abusive relationship – or fear it is heading that way – you should understand that you are at greater risk from stalkerware. An innocent visit to a friend or relative could be detected and provide the trigger for physical abuse. Even removing the stalkerware could alert the partner. If you have reached this stage, you need to source help and support fast – and you should not hesitate to seek it. Contact Operation Safe Escape at the earliest safe opportunity.
Operation Safe Escape is a victim support organisation that provides valuable support and education for victims of domestic violence and abuse, and can help with issues of personal, physical and digital safety. If it’s possible your device has been compromised by stalkerware, avoid using it to contact support. If you are able, use an anonymous device such as a library computer or a friend’s phone in order to avoid alerting the stalker.