The Short Dangerous Step from Surveillance Software to Spyware

Surveillance software is legal. Spyware is illegal. Both monitor a specific smartphone owner’s use of their device and both can gather copious amounts of information from it. Both can turn on cameras, recorders, read emails and SMS messages, and monitor all internet use. They will also follow the user’s physical movements through GPS tracking.

The difference between surveillance software and spyware is that surveillance software installation needs the smartphone owner’s consent. Consent is not required for parents to put surveillance software on their child’s phone since they probably own the smartphone they give to their child and are responsible for their child’s safety. They can legally install surveillance software on the phone until the child is 18 years old. Businesses can install software on the phones they give employees if they tell the employees about it. Often, employees must sign a written agreement in order to use the provided phone with its surveillance software (and, quite likely, in order to continue employment in the company.) They must also agree to make no attempts to remove or circumvent the surveillance software.

It is a well-known fact among surveillance software companies that the real money lies in tapping into the large number of people who want to spy on a partner. Here is how one company advertised for Valentine’s Day.

 Spouses, boyfriend’s, and girlfriends can install surveillance software on their partner’s phone, but only if the phone’s owner agrees to the installation. Let’s face it, few would agree to this. However, in order to prove they can be trusted or for other reasons, some may agree to have their partner monitor their actions. In such cases, this would not break any laws. However, secretly installing surveillance software on a partner’s phone would be illegal since it would break the wiretapping law. Breaking this law could result in serious jail time and steep fines. Yet, every surveillance software developer knows that there is a huge demand from spouses and partners to use surveillance software to spy on their significant other’s phone. For legal reasons, these software companies always have a disclaimer about the illegal use of their software, but then hint on ways the user can get around these legal irritations.

This is where things get hazy. Surveillance software companies make it clear that the user of their software must have physical access to the phone they want to monitor. They realize that most people who want to spy on a partner may have trouble getting such access. This is why one of the most frequent questions they receive concerns the ability to install the surveillance-wear remotely. It seems that what customers really want is for someone to tell them how to secretly install spyware. There’s a name for that. It’s called hacking, and no legitimate company will tell you how to hack a person’s phone or do it for you.

That said, some companies claim that they can ‘install’ the surveillance software remotely. Isn’t that the same thing as hacking? Well, not exactly. The spy will still need access to the target phone. They will have to install a non-spyware app and let the company know the login details for that app. The software company will then have one of its employees install the surveillance software through the app.

Here’s an example. The company, Xnspy, points out a vulnerability in an iPhone which can allow someone to spy through a person’s iCloud account. The spy would still need to have the target’s iCloud login credentials, but, after receiving these, Xnspy will supply the spy with an interface/dashboard that will allow the spy to, among other things, read all messages without requiring access to the phone.

But what about Android phones? They are, apparently, more difficult to deal with so the company does say that,  “if you can’t really access someone’s phone privately for enough time to install the app, then maybe, it’s time for you to give an early Christmas gift with Xnspy pre-installed. ” Yeah, that would do it, and I suppose many have taken this approach.

Although Xnspy won’t hack the target phone for you, they will help you remotely install the software in a rather unique way. You would still need physical access to the target phone, but you would not need to install Xnspy. You would need to install a program called TeamViewer. TeamViewer is a popular program that allows administrators to control another computer or smartphone at a distance. It has its place in network security. For example, if a network user is having some problems with their device, an administrator could use TeamViewer to remotely take control of the device and solve the problem. With so many people now working remotely, such programs have become almost mandatory. But keep in mind what the program does. It allows someone to use your device as if they were you. They can look through your files, change your settings, and even install programs.

And that’s where Xnspy comes in. Once you install TeamViewer on the target device and send Xnspy the login data, they will be in control of that device. As such, they will install their surveillance app for you and let you know when that has been accomplished. You will then have full access to the targeted phone.

You may wonder what the difference is between installing TeamViewer and installing the Xnspy app directly. First of all, installation of the Xnspy app is not as simple as Xnspy makes it appear. Although they claim that most people can do this in 5 to 10 minutes, my guess is that it would take closer to 30 minutes, which means that the spy would need this much physical access time with the target phone. Although I have not done this myself, TeamViewers installation seems pretty straight forward. It may take longer to learn how to use it, but that’s not the spy’s problem. The Xnspy support team will take care of that.

It also may be easier to convince someone to install TeamViewer on their device rather than an app called, Xnspy or Mobile Spy. Look at it this way, the spy may not need access to the target phone at all. They could just persuade the target that it might be helpful to have such an app, as it would make it easier to solve any technical problems or to share files. However, if physical access to the phone is possible, the spy is told to delete TeamViewer as soon as the Xnspy support team installs their app. That would make it more difficult for the target to know they have spyware on their device.

TeamViewer claims that it is connected to over 2.5 billion devices around the globe. That’s a lot of responsibility. Imagine if it was hacked…oh, wait, it was hacked twice last year. What if I had the login credentials for a TeamViewer network and then asked Xnspy to install their surveillance app? That would give me remote access to some important devices and TeamViewer would unwittingly be an accomplice in a hacking crime. The hacker would be able to obscure their identity by laundering it through TeamViewer. I will give no further details here, but this could be a lucrative hacking vector. If my access to the network through TeamViewer was blocked by an administrator, I would still have my Xnspy access. This further blurs the line between surveillance software and spyware. It should be noted that TeamViewer was recently used to access a water treatment plant in  Oldsmar, Florida in an attempt to poison the water supply.

Hackers do offer their services in installing spyware.

These hackers will be more expensive and more risky than installing the spyware yourself, as you’d probably guess. According to one source, they will charge between $500 and $5000, depending on how secure the phone is.  Surveillance software, on the other hand, is rented by the month and is usually around $40.

All of this should show that the line between hacking and surveillance is more of a spectrum than a clean distinction. . In fact, a dedicated stalker could learn to hack into the target phone themselves. The truth is that it is far easier to hack someone you know than someone you don’t know. Ex-partners would be far more likely to open an infected attachment than a stranger would. Readily available and free remote access Trojans (RAT) exist. In other words, not only is it a short jump from surveillance software to spyware, it is also a short jump from being a stalker to becoming a hacker.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s