Stalkerware: “Even your grandad will be monitoring phones in no time!”

85% of women entering domestic violence shelters say their attackers stalked them using GPS. 75% of them said their stalkers used remote surveillance tools. Brian Spitzberg  found, in one of the largest studies on the subject, that “2–13% of males and 8–32% of females are victimized by stalking at some point in their adult lives, and in the majority of such cases, the person is stalked by someone they know.” With the advent of commercially available spyware, or stalkerware, the stalker has another tool to work with. And it’s a very scary tool.

I understand that some people worry about giving out this information on cyberstalking tools, but stalkers are more determined than most people, and they will likely find them anyway. Besides, the purpose of this post is to both alert those who may be stalked and to help them find and remove stalkerware from their computers, smartphones, and tablets. First of all, however, it is necessary to give some sort of profile on the typical stalker. If you happen to be in a relationship with someone who matches the profile, you are far more likely to be a stalking victim.

This is not a psychological study so I will give a capsule summation of the common stalker based on a number of studies. First of all, stalkers tend to be narcissists. As such, they are incapable of normal human emotions. They have a noticeable lack of empathy. This can be readily seen in their penchant for cheating on their partners. “These individuals cheat repeatedly on their spouses or significant others, usually without understanding that they have done something wrong. The typical narcissist believes he/she is beyond reprisal and entitled to do as he or she pleases at all times.” They may apologize for such behavior only because they know they are supposed to do so. They cannot understand why their partner may not be able to simply put the matter behind them. “The narcissist may also feel obligated to maintain a ‘normal’ appearance of married life, while still viewing his spouse as a hindrance and resenting the fidelity she requires of him.”

These potential stalkers are not stupid. They can spot someone who is susceptible to their ‘charms’ and, indeed, they can be charming. They will choose a partner with low self-esteem who may even believe they don’t deserve to be treated well (martyr complex). Through psychological, emotional, and physical abuse, the narcissist will gain control over the other person. They convince the partner that they are nothing without them. However, if the partner, usually after some cathartic event, decides to end the relationship, the narcissist is thrown into a panic. You will sometimes only know you have a stalking partner when you leave them. They will inundate you with emails, phone calls, or text messages. They will suddenly show up in unexpected places. They will do anything to convince the partner to give them one more chance. This is because, for them, love is control. Without this control over the partner, their whole identity collapses and they will do anything to get it back…which brings us to cyberstalking.

In the old days, stalkers could hire a private investigator to keep an eye on (remotely control) their ex. Nowadays, it is far easier, far more efficient, and far more comprehensive to use spyware. In other words, stalkers now have more of the control that they are in love with. The good news for them is that they don’t need to be tech-savvy. As one of these popular spyware programs, Stealthgenie, points out, “StealthGenie is so easy to install that even your grandad will be monitoring phones in no time! You don’t need to be a mobile phone expert to install the application.” Not only is it easy to install, the websites give detailed instructions, including videos, on how to install their programs on any smartphone, computer, or tablet.

Now, you may ask if all this is legal. Well, of course, these companies are not going to openly market their products as stalkerware. These websites always claim they are helping parents keep an eye on their children or helping employers monitor the behavior of employees. However, when you find out how powerful these programs are, you have to wonder if any rational employee would allow an employer to have such power over their devices. In any event, the website publishes a disclaimer which tells people they should only use such programs on phones that they are authorized to control. However, this warning is unlikely to stop the dedicated stalker.

A stalker simply needs 10 minutes alone with your phone to install the spyware. Sometimes they give smartphones as gifts to either the person to be stalked or that person’s children. In any event, once the software is installed, it erases any tracks of itself except for what looks like a legitimate file like “android.sys”, which few users would ever attempt to delete. Here is a list of what one of the more popular spyware programs, mSpy, can do. Once installed, the stalker can

remotely record calls made from or received on the phone

restrict calls from certain numbers

view any text message

read emails

track gps location

view browser history, favorites, and block websites

access calendar, address book, and contacts

manage wireless connections

track Skype calls and read Skype messages

monitor WhatsApp, Snapchat, and other social networks

remotely snap photos with no sound or flash, view surroundings

listen in on any conversations occurring within range of the phone

monitor and block any applications on the device

see all keyboard strokes entered (keylogger – useful for getting passwords)

view all photos and videos

device wipeout– resets the device and destroys all data

device locking (renders it useless)

All this can be done from the mSpy dashboard (click ‘View Demo’) which is frighteningly comprehensive.

Now, you might think that the stalker would want to do this without the victim being aware, but that is not how narcissistic stalkers think. They want the victim to know that they still have power over them and will often give them hints that they are being monitored. They may say things such as, “why did you visit x yesterday?”, “why did you say this to x?” and other such remarks. You may have begun a new relationship only to find that the person never calls or responds to your messages. You simply don’t realize that the stalker has blocked such messages either from you or from your new acquaintance. With a little imagination, you can see how miserable a stalker could make your life. So what can you do?

First of all, if you are in a relationship with a controlling person, your chances of being stalked/spied on are very high. These increase exponentially if you leave such a person. But how do you know you are being spied on? As these programs become more sophisticated, this detection becomes increasingly difficult. However, there are a few things you can look for. Does your battery drain faster than usual? Do you hear strange background noises when you make calls? Does your phone suddenly light up and become active for no reason? These may indicate you have spyware, but the bad news is that the newer programs have overcome these problems.

If you have an iPhone, it would have to be jailbroken first to install the spyware app. If you see something like ‘installer app’, ‘cydia’, or ‘icy’ on your home screen, your phone has been jailbroken. You can also check to see if all your apps are listed in the Apple store. If not, your phone has been jailbroken. If you’re pretty sure you have spyware, the easiest way to set your iPhone back to normal is to update your operating system. This will remove the jailbreak and the spyware. Always backup your data before you do this. You can try to use this technique with Android and Blackberry phones as well. If updating the operating system doesn’t work, you can do a factory reset. This is a drastic step and will remove all the apps and data that you have on your phone. Back up everything first before you do this. Although this may be a last resort, it is worth the effort for anyone who is sure they are being spied on. All smartphones can be used as spyphones with one notable exception. Mspy admits that it cannot install spyware on Blackberry version 10 or greater, which probably means that their new Passport phone is also immune. I’m not a salesman for Blackberry, but this might be a possible workaround for those concerned about being stalked or having business information stolen.

As usual, the best prevention against stalkerware is a strong password. Let’s face it, many people don’t even bother with a password on their tablets or smartphones. Do not give out it or your phone code to anyone, no matter how close they are to you. The same advice goes for lending your phone to someone. Keep your phone with you at all times, especially if you worry about someone who may be showing a little too much interest in what you do. Although the spyware mentioned here may be legal, there are other ways that people can remotely monitor what you do. Exploit kits are available and can remotely set up spyware on your phone by using a trojan introduced through spearphishing or other social engineering attacks. Be careful with opening any email attachments.

All stalking must be treated seriously. “The U.S. Department of Justice estimates that every year over a million and a half people are stalked, over two-thirds of them women. Ninety percent of women killed by husbands or boyfriends had first been stalked.” This  should be an alarming statistic.  In addition, “at least half of all stalkers threaten their victims, which increases the possibility of violence. Frequency of violence averages 25 to 35 percent, with most violence occurring between people who have been romantically involved in the past.” Although such statistics might make you consider avoiding romantic relationships altogether, it is far better to understand stalker behavior and methods for short-circuiting it. Leaving a controlling relationship does not end it for the stalker. The stalker will ramp up control efforts which are more and more likely to include cyberstalking. Removing the cyberstalking option will make it more difficult for the stalker to keep tabs on a victim’s movements, but it will never totally stop the stalker. Other preventative actions will still need to be taken. When used together, these actions can help a victim regain control over their lives.

_______________________________________________________

Spyware is not only used for stalking. It can be used to gather business information as well. Attackers can eavesdrop on conversations, look through documents, and intercept communications. This is especially dangerous in a BYOD environment in which one infected device can compromise an entire network. Using InZero Systems’ architecture to separate any single device into two hardware-separated devices makes it impossible for the spy to access sensitive information on the business side of a device. This, combined with a strong MDM (Mobile Device Management) policy can go a long way to neutralizing any spyware that may find itself into a network. Contact InZero Systems to move your security to the next level.

Email: info@workplaytablet.com

 

About Steve Mierzejewski

Marketing consultant for InZero Systems, developer of the next generation in hardware-separated security, WorkPlay Technology. I've worked in Poland, Japan, Korea, China, and Afghanistan. I'm a writer, technical editor, and an educator. I also do some work as a test developer for Michigan State University.
This entry was posted in Uncategorized and tagged , , , , , , , , , , , , , , , . Bookmark the permalink.

9 Responses to Stalkerware: “Even your grandad will be monitoring phones in no time!”

  1. Joe Cicero says:

    The photo of the “father” on their website is a shutter stock photo… It can be found here: http://shutterstock.7eer.net/c/77643/108110/1305?u=http%3A%2F%2Fwww.shutterstock.com%2Fpic-111605690%2Fstock-photo-an-image-of-a-handsome-man-with-a-beard.html%3Fsrc%3DPS5DwrRy6S3EBRIUs8iKRA-1-1

    Leaves doubt about the CEO photo in my mind. As a forensic examiner I’m certain that the statement ” This state-of-the-art application works in stealth mode which means that it will never be found on the monitored phone.” is far from accurate.

    Nice article.

    Like

  2. Good work, Others have pointed out that some of these comments were contrived but no one has pointed to a stock photo being used. Yeah, it may be difficult to find the app but to say the application will never be found is stretching the facts a bit.

    Like

    • Good news. Most of these companies are located in the UK and sell from there. This guy made one big mistake trying to sell in the US. I noticed their website is down (temporarily?). Unfortunately, there are hundreds of these companies out there.

      Like

      • Joe Cicero says:

        The DOJ release can be found here: http://www.justice.gov/opa/pr/pakistani-man-indicted-selling-stealthgenie-spyware-app

        It reads in part… “The indictment alleges that Akbar and his co-conspirators fabricated the testimonials.” EXACTLY what we suspected.

        Site is down, it also reads… “StealthGenie was hosted at a data center in Ashburn, Virginia. On Sept. 26, 2014, a federal judge in the Eastern District of Virginia issued a temporary restraining order authorizing the FBI to temporarily disable the website hosting StealthGenie.”

        Like

  3. Pingback: How to Spot and Remove Stalkerware - IT AND US

  4. Pingback: Stalkerware? – TechNOWGuide!

  5. Pingback: How To Spot And Remove Stalkerware | Gizmodo Australia

  6. Pingback: How To Spot And Remove Stalkerware | Kotaku Australia

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s