everythingpossible - stock.adobe

Use of abusive stalkerware against women skyrocketed in 2020

Rise in the use of malicious stalkerware correlates closely to increased domestic violence during lockdown

The use of harmful stalkerware applications as a tool of domestic abuse against women has spiked in the past 12 months, with much of the increase correlating closely to a rise in reports of domestic violence during Covid-19 lockdowns around the world, according to the Coalition Against Stalkerware, a cross-sector group dedicated to ending the use of stalkerware.

Stalkerware is commercially available, and usually entirely legal, mobile surveillance software that enables an abuser to intrude into, and exert control over, their victim’s private life by monitoring their device’s messages, photos, social media, location data, audio and camera recordings without their knowledge or consent.

Marking both its first anniversary and the UN International Day for the Elimination of Violence Against Women, the Coalition today reported statistics from some of its members, cyber security firms Malwarebytes and F-Secure, detailing the increased use of such tools.

“Over the last year, we have made significant strides in educating the public about the growing dangers of stalkerware, thanks to the incredible efforts of our partners,” said David Ruiz, online privacy advocate at Malwarebytes.

“Sharing information and working together is critical to ensuring that we help reduce the dangers of apps that can be used to track people without their knowledge or consent. We hope more organisations join us as we continue to fight to ensure users can choose how and when to share their data with others.”

According to Malwarebytes, lockdown orders implemented from March 2020 caused a dramatic uptick in usage. It recorded a 780% increase in detections of monitoring apps between January and June, and a 1,677% increase in detections of spyware. It estimates it has detected more than 43,000 instances of malicious app usage by abusers in the 10 months to the end of October.

This was corroborated by F-Secure, which said it, too, had seen a significant increase in detections beginning in March, slackening off during the summer, and then peaking again during August and September.

F-Secure’s most detected stalkerware program is an Android app called Cerberus, accounting for 52% of detections. Cerberus is a legitimate smartphone security app that includes features such as device tracking, locking and wiping in case of theft, and over the years it has received positive reviews from many, including one of the UK’s most widely-read technology news outlets, which selected it as an “App of the Week” in 2011.

However, it is easily weaponised by abusers because it enables a stalker to “hide” on their victim’s device, track its location, take pictures and screenshots, and record audio.

Another app widely used as stalkerware is called KidsGuard, which, according to F-Secure, can be installed on a device without the user’s permission or awareness to scrape location data, account names, screenshots, keystrokes, browser histories, photos and videos.

“Stalkerware evolved from the same culture of mass surveillance and data collection that now pervades the internet,” said F-Secure vice-president Christine Bejerasco, Tactical Defence Unit lead.

“But what makes this a threat that hits closer to home is that these simple-to-use apps can be installed on an Android device, either from an obscure website that hosts the app or from app stores in spite of attempts to stop them. This puts these intrusive surveillance capabilities into abusers’ hands.”

A recent study conducted in Australia by Wesnet, an anti-domestic violence coalition that brings together a range of organisations including women’s refuges, shelters, safe houses and information and referral services, found that 99.3% of domestic violence practitioners had clients who had experienced abuse enabled by technology.

It found a 245% increase in reports of GPS tracking of victims and survivors, and an 183% rise in the use of video cameras over the past five years.

“The increase of technology-facilitated abuse in 2020 mirrors what we are hearing from our member services and frontline agencies supporting women across the country,” said Wesnet CEO Karen Bentley.

“Abusers are weaponising technology and using it to wield additional harms in conjunction with the more traditional forms of abuse we know.”

Read more about technology and abuse

Respondents to Wesnet’s study, which was conducted alongside researchers from Perth’s Curtin University, reported that during the pandemic, abusers exploited the climate of isolation and reliance on technology for social connection to increase their use of technology to control and monitor them.

Among some of the more concerning findings were stories of abusers using children’s online schooling to seek information on their family’s whereabouts, children being given devices equipped with stalkerware to enable abusers to contact and control their mothers, and exploiting children’s social media accounts for the same purpose.

Wesnet’s study also reported increases in abusers sharing and distributing sexually explicit images or filming and photographing sexual abuse to further control – intending to shame, humiliate and intimidate victims, and creating a sense that through technology, their abusers are omnipresent.

There are several ways to safeguard a device from an abusive partner. The simplest one is to secure your device against unauthorised physical access, which will potentially stop them gaining access to your device to install stalkerware in the first place.

If possible and affordable, it is also worth installing your own mobile antivirus service – reputable ones will flag stalkerware as a potentially unwanted program (PUP).

If you are in an abusive or deteriorating relationship, it is very important to understand that you are at increased risk of having stalkerware placed on your device, and that if you find it, you should not remove it because this will almost certainly alert your abuser.

If you do find stalkerware installed on your device, try to contact local law enforcement or a victim support organisation. In the UK, resources are available from the National Domestic Violence Helpline or the National Stalking Helpline. Also, Citizens Advice maintains a list of further organisations, including resources for male victims and LGBTQ+ people.

If you do seek help, try to avoid using the compromised device. If you can, access assistance on a computer in your local library, or borrow a trusted friend or neighbour’s device.

Read more on Endpoint security