The US Federal Trade Commission (FTC) has taken a stand against stalkerware applications in a first-of-its-kind settlement with Retina-X Studios.
This week, FTC attorney Lisa Weintraub Schifferle said the company, the maker of stalker software including MobileSpy, PhoneSheriff, and TeenShield, failed to make sure the apps were used for legitimate purposes.
Retina-X markets their apps as legitimate software offering "parental controls for mobile."
However, the apps could be purchased by anyone who wanted to use the software, and for any purpose -- whether this would be monitoring their child's device, or for more nefarious purposes such as covertly spying on a spouse or another family member.
PhoneSheriff, for example, is an Android application that facilitated GPS tracking, call recording, text message access, and the plundering of Internet browsing histories.
These highly-invasive features did not only raise the ire of the US agency. Last year, a hacktivist threatened to "burn the company to the ground" and later compromised the firm's network, leading to Retina-X halting new orders for the apps in May 2018.
"Retina-X Studios, which offers cutting edge technology that helps parents and employers gather important information on devices they own, has been the victim of sophisticated and repeated illegal hackings," the company said at the time. "The perpetrators of these illegal acts have been motivated by their unfounded opposition to the private activities of parents and employers on devices they own and with the consent of users of the devices."
The FTC's complaint is not fully focused on the capabilities of the software -- but rather a lack of checks in how it is used.
"They were marketed for monitoring children and employees, but in the wrong hands, they let abusers track people's physical movements and online activities," Schifferle said.
No procedures were in place to check how the apps would be utilized, the FTC says, and instead, their use would often require the overall security of mobile devices to be weakened through jailbreaking or device rooting.
Another affront to legitimate use was the removal of the app icons after installation. If device monitoring was truly intended for business or parental use, then knowledge -- and consent -- could be implied, but not if there was no trace of spying on a device with the software installed.
This, in turn, could lead to stalking, spying, and abuse.
The FTC was also unhappy with Retina-X's data protection practices. When the hacktivist compromised the software developer's servers, images generated by TeenShield and PhoneSheriff were exposed.
Now the case is settled (.PDF), Retina-X has agreed to make sure their apps are only used for "legitimate purposes" in the future, and the company has also been told to destroy all of the data previously collected by their apps. In addition, Retina-X must set up a "comprehensive information security program."
ZDNet has previously published a comprehensive guide on how to find out if your smartphone has been infected with stalkerware. Retina-X software has made the list.
Generally speaking, there are some basic steps you can take to try and ascertain if your device has been compromised by spyware or stalker apps.
Keep an eye out for any suspicious device behavior as well as any unexpected power drain. These types of applications may not be immediately apparent and are usually hidden from view, but they still require juice to run.
In addition, a key clue is checking to see if your device has been rooted without your knowledge -- Root Checker will do the hard work for you -- as well as whether or not apps are permitted to install outside of official app repositories.
Update 16.16 BST: Retina-X counsel told ZDNet:
"While the firm's clients were the unfortunate victims of a skilled hacker, they would like to thank the FTC for its professionalism during the course of the investigation."
Previous and related coverage
- Open database leaked 179GB in customer, US government, and military records
- The ultimate guide to finding and killing spyware and stalkerware on your smartphone
- New versions of FinFisher mobile spyware discovered in Myanmar
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0