Avast report says there has been a 51% increase in the use of spy and stalkerware since the lockdown in March until June, in comparison to January and February 2020. In India, since March Avast has protected over 4,000 users from apps capable of spying, mostly stalkerware, with the monthly average up 20% vs. the first two months of the year. Stalkerware is an unethical software that allows people to track someone’s location, access their personal photos and videos, intercept emails, texts and app communications such as WhatsApp and Facebook, as well as eavesdrop on phone calls and make covert recordings of conversations over the internet, without the target’s knowledge.
It is notable that among the entire range of spy and stalkerware, Avast has also observed a number of COVID-19-related apps designed to spy on users, which collected more information about its users than required to function.
Avast threat analysts have found three stalkerware apps in India that are named after India’s official Covid-19 app, Aarogya Setu, and use an icon looking like, or reminding of the official app’s icon. When downloaded, the official Aarogya Setu app gets installed along with the stalkerware app. The stalkerware apps use the original app to get approval from the user to allow the collection of sensitive information. To spy on the user, it then uses the AcessibilityService of Android to get various permissions and have the ability to – make phone calls, get SIM serial number, read contacts, read phone state, read and send text messages, record calls/audio, queries call log, access device location, and ID. The apps can also hide their icon, making it hard for the victim to notice; also has the capability to mute the ringer.
Jaya Baloo, CISO, Avast said, “Stalkerware is a growing category of domestic malware with disturbing and dangerous implications. While spyware and info stealers seek to steal personal data, stalkerware is different: it steals the physical and online freedom of the victim. Usually installed secretly on mobile phones by so-called friends, jealous spouses, ex-partners, and even concerned parents, stalkerware tracks the physical location of the victim, monitors sites visited on the internet, text messages, and phone calls, undermining a person’s individual liberty and online freedom.”
India’s National Commission for Women (NCW) has seen a more than two-fold rise in gender-based violence during the lockdown in India. Between 23 March and 16 April, NCW registered 587 domestic violence complaints, a 45% increase from the previous 25 days. The Childline India helpline received more than 92,000 calls between 20–31 March, the start of India’s lockdown, asking for protection from abuse and violence.
In order to mitigate against the threat of stalkerware, the Avast team have provided some simple, actionable steps:
Rule #1: Secure your phone against all unauthorized physical access.
Rule #2: Install a good, mainstream antivirus product on your mobile phone.
Rule #3: Do not hesitate to contact Operation Safe Escape by a safe means.
Operation Safe Escape is a victim support organization that provides valuable support and education for victims of domestic violence and abuse and can help with issues of personal, physical and digital safety. If it’s possible your device has been compromised by stalkerware, avoid using it to contact support. If you are able, use an anonymous device such as a library computer or a friend’s phone in order to avoid alerting the stalker.