What is Stalkerware and How Does It Affect Android Phones

By | December 7, 2021

Recently, the tech world saw a small revolt of stalkerware on smartphones; however, it is not entirely clear what “stalkerware” is. What is stalkerware, and why is Android the main target today

Let’s break down stalkerware, how to detect it, and how it spreads.

What is Stalkerware

Stalkerware is a type of malware that records data entered into a device and sends it to a third party that is supplied to the program during installation. Stalkerware acts without the victim knowing that it is taking their information; therefore, it is an invasion of privacy and is considered an unwanted program.

Stalkerware can track various types of information. For example, one can monitor the victim’s SMS messages, while another sends messages to the target location. Thus, the design of each stalkerware changes depending on what it is designed to track.

Isn’t Stalkerware Just Spyware

For people who like malware, this may all sound very familiar. Stalkerware sounds a lot like spyware, a term that includes programs like keyloggers and clipper malware. What makes stalkerware different from spyware?

The main difference is that spyware sneaks into the system under the guise of a legitimate program, and sends data to unknown malicious agents. Stalkerware, on the other hand, openly advertises its features to potential customers, and sends data to user-supplied email addresses.

As you may have guessed, stalkerware is not meant to be installed on a user’s system; they will just login themselves! Instead, users install it on other people’s devices they want to track. This is the main difference between spyware and stalkerware; spyware is downloaded by mistake, while stalkerware is intentionally installed on devices that users want to track.

Thus, stalkerware’s main market is people who don’t completely trust other people. For example, a suspicious partner can install an SMS reader on their partner’s phone to make sure they are not cheating. Similarly, parents can install stalkerware on their child’s phone to monitor their web browsing.

With all this different terminology, it can be confusing to keep track of all the cybersecurity provisions. If you’re struggling with the basics, be sure to learn about viruses, spyware, malware, and other online threats.

How Stalkerware Arrived on Android

So why do we bring Android into the mix? The answer lies in a recent report from Z6Mag that Google has removed seven stalkerware apps. Each has a marketing angle aimed at a specific niche.

The names of the apps, as reported by Z6Mag, are as follows:

  • Track Employees Check Work Phone Online Spy Free
  • Spy Kids Tracker
  • Phone Cell Tracker (Cell Phone Tracker)
  • Mobile Tracking
  • Spy Tracker
  • SMS Tracker (SMS Tracker)
  • Employee Work Spy

Unfortunately, Google Play has proven itself several times in the past to hide malicious apps. For example, the Google Play store stored clipper malware in the Android store at one point.

What Stalkerware Do

While these apps are now long gone, remnants of the ads from when they were active are still there. This provides some insight into how this app works and why Google removed it. Let’s look at two examples to see what this app does.

SMS Tracker App

Some of the apps listed above do what they say in the name. SMS tracker, for example, tracks SMS messages. However, if you read SMS Tracker’s marketing copy, you’ll find even more sinister spy tools included with stalkerware.

Thanks For Visit

Advertisements market the app as a means for parents to track their children. It achieves this goal by recording and sending details to the concerned parent of everything the child does. These logs include SMS messages, contact lists, phone logs, web browsing history, and even their location via GPS.

Employee Job Spy App

Employee Job Spy works in a similar way to SMS Tracker but takes a more business-focused approach with its ads. It will record all SMS, voice, and location activity of a business smartphone so bosses can keep an eye on their workers.

The app’s developers claim that this will prevent lazy employees, leak information, or – ironically enough – do espionage. Employee Job Spy at least states in the description that workers should receive app installation warnings before distributing cell phones.

Stalkerware’s True Intentions

As you can see, stalkerware usually has good intentions; it’s never there to hurt or steal from people. The main focus of the above apps is to check people and even protect them from harm.

Unfortunately, when the heart of the app is in the right place, their methods are not ethical at all. This spy tool causes massive privacy breaches and is the main reason why stalkerware is labeled as malware.

How Stalkerware Covers Its Trail

Of course, these apps have to be careful what they do. If users find an app called “SMS Tracker” on their phone, they will likely uninstall it.

Thus, when the user runs the application, he downloads additional spy tools and installs them in a way that is independent of the main application. Then, the user uninstalls the app to cover their tracks while the surveillance tool continues to work in the background. This feature makes it very difficult to tell if your device has a stalkerware infection.

Not Just an Android Problem

Unfortunately, stalkerware isn’t just an Android problem. Any device that can run specialized software on it could theoretically run into a stalkerware infection. Employee PCs can install it to check how they are using their work time, for example.

FlexiSpy is a great example of this. It was sold to lovers who wanted to monitor their partner’s PC or cell phone, and the developers made a whole business out of digital stalkers.

How to Stop Stalkerware

The problem with stalkerware is that it won’t show up in your apps list if you hunt for it. That’s because the person who originally downloaded the malware removed the main app to cover their tracks. That “remainder” is what works silently in the background, tracking all your data.

Unfortunately, if you use an antivirus program that cannot identify stalkerware, it will report a clean scan on the infected device. That’s why it’s a good idea to do some research and find an antivirus that can tackle stalkerware. Kaspersky, for example, has updated its antivirus to find and remove this threat.

If you want to make sure your device is clean of stalkerware, factory reset is the best option. A full reset will erase any remnants of the original app and allow you to get your privacy back. It’s more of a hassle than running an antivirus, but there’s no chance of remnants lurking undetected in the background.

Once you’re sure your phone is clean, you should lock your phone to prevent the culprit from reinstalling it. Put a strong password on your phone and keep it with your people at all times so it doesn’t get infected again.

Thanks For Visit