BLACK HAT USA: We need to be wary of mobile devices and IoT products, now widely abused to facilitate partner coercion, researchers have warned.
At the Black Hat cybersecurity conference in Las Vegas this week, Lodrina Cherne, Principal Security Advocate at Cybereason and Martijn Grooten, consultant and coordinator at the Coalition Against Stalkerware said that the COVID-19 pandemic has prompted a surge in the use of stalkerware in intimate partner violence (IPV) and gender-based violence.
The Coalition Against Stalkerware defines stalkerware as software, made available directly to individuals, that enables a remote user to monitor the activities on another user's device without consent and without "explicit, persistent notification to that user in a manner that may facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence."
Mobile applications and PC monitoring software come straight to mind. Unlike spyware, which may be employed to monitor indiscriminately or by government agencies and law enforcement investigations, stalkerware is generally used by individuals.
Such software can be used to remotely monitor and eavesdrop on phone calls, SMS messaging, Voice over IP (VoIP) applications, GPS/location data, messaging and social media apps, and to steal images and video from an infected device.
It is often the case that stalkerware is installed through physical access to a handset. However, malicious SMS messages or phishing emails may also be the infection vector, although remote installation in stalkerware is rare, Cherne noted.
"They are not hidden from a forensic practitioner," Cherne commented. "But they are hidden from the user."
According to the duo, stalkerware is most common on Android mobile devices, whereas this form of malware is most often detected on jailbroken, unpatched, or older iOS handsets. Desktop PC stalkerware also exists, although it is not as prolific.
This malware may be marketed as employee or children monitoring services and for 'good' and 'ethical' purposes -- but as it is so often hidden, stealthy, and doesn't require continual consent, can be used in IPV or to abuse others and violate their privacy.
Using technology to intimidate, spy on, or abuse someone, however, now can go beyond mobile apps. As noted by the security experts, Internet of Things (IoT) devices including Bluetooth/possession trackers, shared social media accounts, and other smart technology, for example, home security cameras, are also ripe for abuse.
Even remote-controlled devices such as smart thermostats or lights, too, could be used to demonstrate power over another and can be "intimidating," according to Grooten.
According to a WESNET survey conducted in Australia, 99.3% of domestic violence practitioners have clients who have experienced technology-facilitated abuse -- and the use of video cameras for this purpose, alone, has increased by 183.2% between 2015 and 2000.
"Tech abuse rarely involves hacking, it instead exploits a feature of the technology -- they are rarely built with IPV in mind," Grooten added.
In the United States, the Stalking Prevention Awareness & Resource Center (SPARC) says that one in four individuals experiencing domestic abuse report that technology was used in some manner.
While survivors may be "hyper-vigilant," as they have had to be to endure IPV, the suspicions or belief they are being spied upon through stalkerware should not be dismissed.
"Survivors should always be taken seriously to empower them," Grooten said. "Don't make decisions on their behalf and try to be supportive [..] understand that this is an abuse problem, not a technical problem."
Founded in 2019, the Coalition Against Stalkerware is a group of non-profit organizations, security advocates, and cybersecurity companies working together to fight stalkerware and other forms of technological abuse in domestic violence and coercive relationships.
Participants include F-Secure, the Electronic Frontier Foundation (EFF), Kaspersky, Malwarebytes, National Network to End Domestic Violence (NNEDV), and others. Interpol also supports the scheme.
"In recent years, the problem of stalkerware has been on the rise globally," the coalition says. "Non-profit organizations report a growing number of survivors are seeking help with stalkerware, and cybersecurity companies are detecting a consistent increase in these harmful apps."
For further information and advice, check out the coalition's guide video below, or check out our in-depth guide here:
Previous and related coverage
- Android stalkerware detection rates surged over 2020
- The ultimate guide to finding and killing spyware and stalkerware on your smartphone
- Google bans stalkerware ads
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0