The number of stalkerware attacks increased by half, rising from 40,386 in 2018 to 67,500 in December 2019, according to Kaspersky's “Mobile malware evolution 2019” report.
Stalkerware apps, mostly free, could be downloaded from Google Play, but Google decided to remove apps with stalking features at the end of 2018. The numbers still increased regardless of Google’s action. Abusers can still find these apps on their developers’ websites and through third-party publishers.
The numbers indicate that the unavailability of stalkerware apps on official marketplaces does not prevent abusers from downloading these apps from unofficial sites and executing them manually.
According to the chart, an all-time high can be seen from March 2019 to April 2019. From March 2018 to June 2018 the rate decreases, but it is steady between June and July. A decrease in stalkerware attacks can also be seen in three periods: from August 2018 to September 2018, from October 2018 to November 2018, and from April 2019 to June 2019.
Stalkerware (also known as spouseware) refers to apps used to spy on or stalk people, often wives, husbands, girlfriends, boyfriends, children, secret crushes, etc., by tracking their every move, such as their text messages, photos, web browsing history, etc. These apps are often advertised as parental control tools.
“The creators of trackers generally focus on two main features: tracking victims’ coordinates and intercepting text messages,” Kaspersky experts say.
Kaspersky started monitoring stalkerware apps around the beginning of 2018, so their data does not provide much information on previous years. Consequently, there is not much data available on the evolution of stalkerware attacks.
If a stalkerware app is installed on a user’s device, data exfiltration by third parties other than the abuser could become very likely.
“If such an app gets onto a device, messages and data about the user’s location become accessible to third parties. These third parties are not necessarily only those tracking the user: the client-server interaction of some services ignores even the minimum security requirements, allowing anyone to gain access to the accumulated data,” Kaspersky says.
Back in November 2019, ten organizations, including Kaspersky, Malwarebytes, G DATA CyberDefense and Avira, created the Coalition Against Stalkerware to enhance the detection of stalkerware. With the aid of law enforcement, the coalition also aims to prosecute companies that sell such apps.