How to check your devices for stalkerware and why it is dangerous

What is stalking software?

"Stalker software" is a special surveillance program that

positioned as legal and which canbuy or install for free from the Internet. Such programs can work completely unnoticed for the user, the victim may not even know about the surveillance.

Research by Kaspersky Lab showed thatthat in 2019 alone, more than 37 thousand users around the world faced stalker software. The number of victims increased by 35% compared to the same period in 2018. At the same time, the number of victims of stalker software in Russia has more than doubled.

“Against the background of more significant indicators formalware infection statistics on stalker programs may not look so impressive. However, in the case of such surveillance software, as a rule, there are no accidental victims - in most cases these are people well known to the organizer of the surveillance, for example, a spouse. In addition, the use of such software is often associated with the threat of domestic violence, ”experts say.

In total, the company discovered over 380 variants of stalker programs in 2019.

The most commonly used program MobileTracker for Android OS, it is positioned as a tool for monitoring the employees of the organization.

She can conduct surveillance covertly, disguising herselffor system applications, and collect a lot of different confidential data - information about the location, correspondence via SMS and messengers, phone calls, photo and video files, camera recordings, browser history, files, as well as information from the calendar and contact list. Moreover, the program makes it possible to remotely control the device on which it is installed.

How do I check my phone?

Good news for iPhone usersis that it is almost impossible to install stalker software on an Apple smartphone: the company's security policy is not always user-friendly, but it is very effective. iOS simply doesn't allow apps to penetrate deep enough into the system software to be able to secretly control your phone activities.

However, if the iPhone is unlocked, it becomesvulnerable. But without the knowledge of the user, this is not so easy to do. An attacker must have access to the phone for a long period of time in order to hack it. The easiest way to check is to search the home screen for Cydia and SBSettings.

Cydia is an unofficial operating room appiOS system, which allows the user to search for and install software packages for iPhone, iPod Touch or iPad, after opening access to the file system of the device

The SBSettings utility from the BigBoss repository.This program has been around for several years and can only be installed on jailbroken devices. As a reminder, jailbreak iPhone / iPod Touch / iPad / Apple TV / Apple Watch is an operation officially unsupported by Apple, which allows you to access the file system of a number of iPhone, iPod, iPad Apple TV and Apple Watch devices.

Decreased battery life is one of the signs that your phone has been jailbroken.

If you suspect or find that an iPhonehacked, a full factory reset should fix this. However, before doing this, you should make sure that important data is stored somewhere else and will not be lost. It is best to perform the operation through a connected Mac or Windows computer. Apple has a complete guide, which can be viewed here.

Pick up hidden surveillance applications onAndroid devices are somewhat simpler, although officially prohibited: Google will remove applications from the Play Store if it finds evidence of stalking behavior of the application. Sometimes such programs manage to slip through the network, but someone will need access to the phone (or will need to be configured first) to install them. If you've set up your Android phone and no one has had it for more than a few seconds to access it, it should be free of stalker software.

If your phone is jailbroken, you may notice that itgets hotter during use or the battery runs out of charge quickly when not in use. You may also see unexpected notifications or shutdown or startup times have increased beyond normal. However, sometimes this does not help either. Stalking apps are designed to be difficult to detect. But any unusual behavior of the phone is a reason to be wary.

Monitoring applications very often hide theirapp icons, but they can appear in the main app list, albeit under an innocuous alternative name. In Android Settings, tap Apps & Notifications, then View All Apps to Check. Stalking software can also be hidden in the Android settings menu itself (often in security-related sections) - look for menu items that don't look right, or that you didn't notice before, or that don't match the official documentation.

Check the list of apps to find anything suspicious

For extra peace of mind, useUsing a third-party tool: Incognito, Certo, and Kaspersky Antivirus - these three phone scanning apps are recommended by Wired security experts. The problem of secret stalking apps is more acute than ever, and Google and Apple are very attentive to any app that tries to spy on users.

How do I check my computer?

Most of the same detection principlesThe stalker software for Android and iOS is applicable to both Windows and macOS. Someone else needs access to your computer, or you may be asked to install something yourself. For example, the IT management of the company you work for may ask about it. The tip is universal - as always, keep your laptop or desktop protected with an account and password. Also pay attention to its physical safety, such as who has access to it and when.

Both Microsoft and Apple understand very wellstalker software issue and Windows and macOS will detect and block some hidden tools without any further help. Like any other type of malware, stalking software can usually be detected by a third-party security suite: Norton, Bitdefender, and Malwarebytes come for both Windows and Mac.

If you want to host your owninvestigation, open Task Manager in Windows (search for it in the search box on the taskbar) or Activity Monitor in macOS (search for it in Spotlight via Cmd + Space) to see everything running on your computer. Keep in mind that spyware is usually not listed by its real name and may well try to impersonate a system application or use a short name that you probably won't notice.

The Task Manager shows what is running and what starts with Windows.

Browse all the tabs that appear indialog box on the screen. If you see something that you do not recognize, or something that does not match the programs you installed, or something seems suspicious in its behavior (possibly excessive disk usage), then do a quick Internet search for the application name or the process is usually enough to understand what you are dealing with.

You should also check ifapplications and processes concurrently with your operating system, as is necessary for most surveillance tools. On Windows, you will find this list of software in the Startup tab of the Task Manager; on macOS, open System Preferences, then select Users & Groups and Login Items. Again, do a web search for any app you're not sure about.

MacOS Activity Monitor tells you what's going on with your system.

On macOS, someadditional permissions for stalker apps: in the system settings go to the "Security and privacy" section, and then to the "Privacy" section. Check records for ingress monitoring and full disk access, as spyware often needs these permissions. Windows doesn't have the same setting, but you can see the permissions that apps have (including location, camera access, etc.) by selecting Privacy from the Settings menu and scrolling down to App Permissions.

A full system reset for Windows or macOS shouldrid your computer of hidden monitoring tools if you suspect that one of them has gotten rooted (just make sure you back up your files first).

Read also

Check out the most beautiful pictures of Hubble. What has the telescope seen in 30 years?

Ancient people saved themselves from the cold by hibernation

Astronomers have discovered an "intriguing signal" from the closest star system to the Sun