Security Market Segment LS
Thursday, 04 April 2019 09:51

Nearly 60,000 Android users found with stalkerware in 2018

Nearly 60,000 Android users found with stalkerware in 2018 Courtesy Kaspersky Lab

A researcher from Kaspersky Lab says the company found 58.847 users who had a stalkerware application — a commercial version of spyware — installed on their Android phones or tablets in 2018, according to analysis of data collected from those who had Kaspersky anti-virus software running on their devices.

Alexey Firsh said in a detailed blog post that this was a small number compared to other kinds of threats; for example, during the same year, 187.321 users were found to have encountered ransomware.

But there was a difference. " should be noted that when it comes to malware, our figures show how many people we were able to protect from infection," Firsh said. "But when we look at stalkerware, the situation is a bit different."

He said of the devices that were detected as having stalkerware, about 35,000 were infected before they had a Kaspersky Lab product installed and ran the first security scan. A total of 26,619 unique samples of stalkerware programs were found.

Firsh said there was little difference between commercial spyware - which was detected by most security software as "not a virus" - and classic spying malware.

stalkerware kaspersky

Said Firsh: "For example, a consumer surveillance program works like this:

  • "The command and control server (C2) is provided by the service owners; and
  • "It is easy to buy and deploy than spying malware. There is no need to use shady hacking forums and have programming skills – in almost all cases it requires a simple manual installation."

He said it was important to differentiate stalkerware from commercial programs that were used to locate a stolen/lost device or to facilitate parental control.

"Firstly, they [stalkerware] are distributed through dedicated landing pages – a direct violation of Google Play safety recommendations," Firsh pointed out.

"Secondly, these apps have functionality that allows them to invade the privacy of an individual without their consent or knowledge: the application icon can be hidden from the applications menu, while the app continues to run in the background, and some functions of the app fulfil surveillance tasks (such as recording the victim’s voice).

"Some even delete traces of their presence from the phone, along with any installed security solutions once the attacker manually grants the application with root-access."

Kaspersky Lab released an additional feature in its security app for Android on Wednesday so that it would detect common stalkerware.

Firsh said there was no need to prove the negative effects of commercial spyware, as its initial concept was completely unethical.

"However, there are many layers of other threats that these programs bring to a user who installs them. They breach the legislation of mobile application stores, breach security and make the data of stalked victims vulnerable to hacker exploitation.

"Later, that data can be used in all kind of malicious activities – from financial extortion to identity theft. We can also safely say that there are people who benefit from this and can access this data, while their own identities, origins and location remain unknown."


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments