Stalkerware and your phone
Stalkerware is spying software installed on your mobile without your permission that tracks what you do. If you’re worried, there are things you can do to protect yourself and your privacy.
What is stalkerware?
Stalkerware is a form of commercially available spyware that lets someone monitor another person they have a personal relationship with, including employees, spouses or intimate partners. The primary difference compared with spyware is that stalkerware is generally used by individuals, while spyware is used by government and law enforcement.
It’s important to understand the different types of stalkerware currently available, how they work, and what you can do to protect yourself from these types of apps.
Types of stalkerware apps and what they do
- Apps that monitor communications – stalkerware designed to record phone calls and log keystrokes of every message and email you send.
- Apps that track your location – stalkerware that keeps track of GPS coordinates or guesses your location based on the Wi-Fi networks you connect to. Location data can reveal a lot of information about you and your habits. When paired with other information, location data could help a hacker or stalker build up a picture about you and your movements. This could be a serious risk if you’ve got a vindictive ex-partner who wants to monitor your whereabouts and find out fresh details about your life.
- Apps that steal files and intimate data – these apps watch your device for any changes, and then transmit them to a server for a stalker to access. This can be particularly dangerous when it comes to sensitive data such as photographs, video, and other types of recordings. Two popular stalkerware apps, Cerberus and Reptillicus, operate in stealth mode, which means they allow users to read messages from third-party messengers like WhatsApp and Telegram, text messages, and view photos and videos in media galleries. Some stalkerware apps allow a user to track calendar events, take screenshots, access contact lists, and even take front camera photos.
Detecting and removing stalkerware apps from your mobile
Smartphones tend to be easier victims of stalkerware apps, largely because they’re easier to access, and people generally take their smartphones with them everywhere they go. The amount and type of data collected from a smartphone is often far more valuable than what can be extracted from a PC or laptop.
Signs of stalkerware
There are some tell-tale signs that your device may have stalkerware, including:
- Your smartphone behaves strangely after leaving it unattended,
- Unusual processes are running in your task or app managers,
- Your battery seems to be going flat much faster than usual,
- There is an unusually high data usage on your smartphone,
- Your device unexpectedly reboots or restarts,
- Your device heats up faster than usual or overheats in general,
- Your smartphone lights up when in standby mode,
There are altered permissions on apps and services.
How to remove stalkerware apps on iOS
- Scan for unfamiliar apps – one of the most effective ways to see if any stalkerware is on your phone is to manually check for anu unfamiliar apps. If you don’t remember installing an app, it might be a good idea to click on it and check the app yourself. If you’re still unsure if an app is stalkerware, search for its name online to get more information.
- Check for unknown configuration profiles – to check configuration profiles, head to Settings > General > VPN & Device Management. If you spot an unusual profile, click on it to find out what it does and delete it if it seems suspicious.
- Search for signs of a jailbreak – while it’s difficult to install stalkerware on iPhones because of app limitations set by Apple, it’s certainly not impossible. A hacker just needs to be able to jailbreak your phone and install stalkerware. The best way to check if your phone has been jailbroken is to manually check for apps that are unusual. Another sign that your phone has been jailbroken is if you’ve got an alternative app store instead of Apple’s official App Store.
- Perform a privacy audit – some Apple data sharing features like Family Sharing, Find Me, and Shared Albums at risk of being accessed by malicious individuals. To protect consumers, Apple has developed a privacy checklist that can help you to perform a privacy audit.
- Lock down iCloud – if you are worried that your phone has been tampered with, it’s a good idea to reset your iCloud password to protect any sensitive data you might have stored. Additionally, make sure to enable two-factor authentication (2FA) for your Apple ID, too.
Identify and remove stalkerware apps on Android
- Run Google Play Protect – it’s a service that runs safety checks on apps that have been downloaded from the Google Play Store before they’re downloaded onto your phone. The service also checks your device for potentially harmful apps.
- Check your phone’s accessibility services – stalkerware apps rely on access to your camera, microphone, and certain folders. You can check whether your phone has stalkerware apps by heading to the Accessibility settings on your device and see which apps have access to certain functions.
- Look to see if a device administrator has been installed – device administration access is assigned to some pre-installed applications on Android devices, allows apps to write, erase, and transfer data from the device if it’s stolen or goes missing. Stalkerware apps need access to these administration settings to write and transfer data from one device to another.
- Manually run checks on apps – a great way to spot a dodgy app is to check through them individually to see if you’ve downloaded them or not. Most stalkerware apps won’t appear on the homescreen of your phone, but might appear on your device’s wider app list.
Protecting yourself against stalkerware
There are a number of things you can do to protect yourself against stalkerware:
- Be on the lookout for unusual behaviour on your device, including faster battery drain or a sudden increase in data consumption.
- Change your passwords and enable multi-factor authentication on devices that you trust.
- Never leave your smartphone or other devices unattended.
- Check through apps on your phone regularly and remove any unnecessary apps.
- Make sure your operating system and apps are always up to date so any known vulnerabilities are patched.
- As a last resort, back up your data and perform a factory reset on your device. Don’t forget that when doing a fresh install/factory reset of your device’s operating system, take care to only install essential apps.