Global cyber-security leader Avast has in a note warned that there was a 51 per cent increase in the use of spyware and stalkerware during the lockdown period from March to June. The usage of these apps, the company had in its note said, increased during lockdown in the backdrop of heightened domestic violence cases.
What are spy and stalkerware apps?
Spy and stalkerware apps, like viruses and other malware, infect devices that are connected to the internet. While viruses and malware can be detected by anti-virus software, spyware and stalkerware apps disguise themselves as useful and send out stolen data to central servers without the knowledge of the users.
Ironically, most spyware and stalkerware apps disguise themselves as anti-theft applications that can be used to track in case the device is stolen or gets lost, cyber-security experts warn
A spyware app, which can also be installed remotely, accesses the data usage pattern of the device, gains access to photos and videos as well as other personal information of the user, and then passes it off to a central server.
On the other hand, in most cases, a stalkerware app can be installed only when someone has physical access to the digitally connected device. Though the app works in a manner similar to spyware apps, it goes a step ahead and also gives out the location of the device to a master device which controls the stalkerware app.
“Most stalkerware apps work in stealth mode with no trace of the app having ever been installed. Once installed, such apps can allow the master device to control, intercept, and even change your emails, text messages and your communication on social media platforms,” a Pune-based cyber-security expert said.
How do such apps work?
There are two of three-types of spyware and stalkerware applications. For spyware apps, the easiest method is to disguise the spying code inside the unauthorised versions of premium apps.
“For example, someone can claim to have a cracked version of a premium app such as Spotify. Now, whoever installs such apps can be remotely tracked easily. Since the code of the application (inside which the spyware codes are hidden) do not spy on the users, such codes pass the scrutiny of anti-virus programmes,” said the expert, who also works with government and security agencies.
Stalkerware apps on the other hand, seek explicit permissions at the time of their installation. Once the app is installed in the phone, it can be hidden from the apps menu into the background, from where they continue functioning.
“There are some dedicated apps which people install on their partners’ or their kids’ phones. When you install such apps, it asks for permissions such as access to gallery locations, call logs among other things. Once you do that, the master device which has a dashboard can see whatever is going on with the other device,” Guwahati-based independent cyber-security researcher Indrajeet Bhuyan said.
Why has the usage of such apps increased during lockdown?
One of the main reasons, experts said, is the increased usage of internet by everyone due to various lockdown measures in place.
“With apprehensions around Covid still in place, everything has gone online. Anything and everything which could bought offline from a market is now at your doorstep. But bringing that to the doorstep requires going online, which is where the opportunities for cyber criminals come,” the Pune-based expert said.
Another reason, highlighted by the UN Women in a report in April, was “security, health, and money worries” which was further accentuated by “cramped and confided living spaces”.
“Emerging data shows that since the outbreak of COVID-19, reports of violence against women, and particularly domestic violence, have increased in several countries as security, health, and money worries create tensions and strains accentuated by the cramped and confined living conditions of lockdown,” the UN women had said in its report.