{"id":17027,"date":"2019-11-27T14:00:05","date_gmt":"2019-11-27T22:00:05","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/11\/27\/news-10763\/"},"modified":"2019-11-27T14:00:05","modified_gmt":"2019-11-27T22:00:05","slug":"news-10763","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/11\/27\/news-10763\/","title":{"rendered":"Stalking the Stalkerware"},"content":{"rendered":"

Credit to Author: Trend Micro| Date: Wed, 27 Nov 2019 20:54:33 +0000<\/strong><\/p>\n

\"A<\/p>\n

Ever get the feeling you\u2019re being followed? Unfortunately, when it comes to our digital lives, this is increasingly the case. But while we\u2019re all keen to boost our followers on social media, it\u2019s a different matter when it comes to anonymous third parties secretly stalking us online. Yes, we\u2019re already tracked by ISPs every time we go online, or by web providers like Google and social sites like Facebook and Twitter. But in these cases, we do get a little back in return: more streamlined, personalized services, and at the least, more relevant (if annoying) advertising. In the best scenario, though, we\u2019d never<\/em> be tracked without our consent.<\/p>\n

With a phenomenon known as stalkerware<\/em>, however, there\u2019s zero gain for the victim. This is nothing short of government-style surveillance software used by individuals to spy on others \u2013 usually someone you know.<\/p>\n

What is stalkerware?<\/strong><\/p>\n

We\u2019re all spending more time on our smartphones. For the first time ever this year, time spent on mobile devices exceeded that spent in front of the TV. By 2021, it\u2019s predicted<\/a> that Americans will be glued to their handsets for nearly four hours per day. We chat and flirt with friends on social media. We post our photos and status updates. We email, text, IM and call via our devices. We also shop, hail taxis, or navigate around town, listen to music or watch YouTube or TV, and even bank online \u2013 all from the mini-computer in the palm of our hands.<\/p>\n

Unfortunately, for some of us, there are people out there that want to know what we\u2019re doing and who we\u2019re with at all times. It could be a jealous partner, a jilted ex, over-protective parents, or even a suspicious employer. For them, a whole mini-industry has appeared over the past couple of years selling monitoring software, or more treacherously, trojan spyware and code that can hide itself, so you don\u2019t even know it\u2019s on your device. For just a few dollars, individuals can get their hands on an app which can monitor everything you do on your device. This includes<\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • SMS messages<\/li>\n
  • GPS coordinates\/location<\/li>\n
  • Emails<\/li>\n
  • Web browsing<\/li>\n
  • Keystroke logging<\/li>\n
  • Photo, video, and audio recording<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Breaking the law<\/strong><\/p>\n

Let\u2019s be clear: it\u2019s when monitoring software\u2014and certainly, spyware\u2014is used for stalking<\/em> that it really becomes stalkerware<\/u><\/em>. That means firms selling monitoring software may be operating in a grey area ethically and legally, depending on how the software is used. While they\u2019re technically legitimate, the surveillance software is usually branded in such a way as to keep them just this side of the law. Think of concerned parents who want to ensure their children are safe, or of employers who want to ensure their staff are where they should be during work hours. That said, those who use such software to spy on individuals without their knowledge or consent<\/em> are violating ethical standards and breaking the law. And if the software or code is specifically designed<\/em> to hide itself, as with trojan spyware or spying code\u2014then a line has certainly been crossed. You\u2019re now neck deep in the shady gumshoe world of stalkerware.<\/p>\n

There\u2019s a huge range of \u201cspyware\u201d or \u201cmonitoring\u201d apps available on the market today, including Retina-X, FlexiSpy, Mobistealth, Spy Master Pro, SpyHuman, Spyfone, TheTruthSpy, Family Orbit, mSpy, Copy9, Spyera, SpyBubble, and Android Spy. Given the often covert nature of the industry, it\u2019s hard to get an accurate picture of exactly how widespread the use of such software for stalking is, although the number of titles on the market should give some indication. Reports from 2017 suggested<\/a> 130,000 people had an account with Retina-X or FlexiSpy, while it was claimed<\/a> a few years prior that mSpy had as many as two million users.<\/p>\n

Stalkerware, or the use of monitoring software for stalking, represents not only a gross intrusion into your privacy, but also a possible security concern if the companies running these apps are themselves hacked<\/a> or accidentally leak data<\/a> belonging to victims of their customers.<\/p>\n

How do I know if my phone has been hit?<\/strong><\/p>\n

It can be quite difficult for users of stalkerware to install the spying app on your device without physical access to it. However, malicious links in emails, texts, on websites, or even on social media could represent a potential threat vector if attackers manage to trick you into clicking through to an unwanted install. Although iOS devices are difficult to tamper with unless they\u2019re jailbroken\u2014and jailbreaking itself is trickier than it used to be\u2014Android users are more exposed.<\/p>\n

While \u2018legitimate\u2019 GPS trackers and the like (such as Life360 and other monitoring apps) are available on Google Play and can be installed as visible apps, stalkerware is typically available on 3rd<\/sup>-party app stores, is installed without the user\u2019s consent, and will do its best to stay hidden on your device, potentially disguising itself under different app or process names. So here are a few things you can do to spot the tell-tale signs something is not quite right:<\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • Check the setting which allows apps to be downloaded outside the official Google Play store (which doesn\u2019t allow stalkerware). The UI can vary depending on manufacturer, but try Settings -> Security -> Allow unknown sources.<\/strong> If it\u2019s on and you didn\u2019t turn it on, you might have a problem.<\/li>\n
  • Check to see if there are any unusual apps on your phone that you can\u2019t remember downloading\/installing.<\/li>\n
  • Check Settings ->Applications -> Running Services<\/strong> to see if there are any unusual looking services running on your device. Try Googling ones you\u2019re unfamiliar with.<\/li>\n
  • Stalkerware could slow your device down, so if you\u2019re noticing any major hit to performance, it could be worth investigating further.<\/li>\n
  • Of course, if you start getting messages from the stalker, as in \u201cI\u2019m watching you!\u201d it\u2019s time to scour your device for the offending spying app or code.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

How do I keep my device secure?<\/strong><\/p>\n

By its very nature, stalkerware is designed to stay hidden, so it can be hard to spot. But here are a few ideas to keep your device, and life, free from unwarranted snooping:<\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • Don\u2019t let your device out of your sight.<\/li>\n
  • Don\u2019t click on suspicious links in unsolicited emails, texts, social media messages, etc.<\/li>\n
  • Install AV on your device from a reputable vendor who\u2019s publicly addressed the stalkerware problem, to help spot any unusual\/malicious activity like keylogging\u2014as well as (potentially) the stalkerware itself. If the AV can catch potentially unwanted applications (PUAs), it could spot the stalkerware, though the AV industry as a whole needs to improve its algorithms for protection from stalkerware.<\/li>\n
  • Keep an eye on what apps have been installed on the device.<\/li>\n
  • Switch on two-factor authentication for your online accounts, so that even if a third-party has your passwords, they won\u2019t be able to log-in as you, particularly for financial accounts.<\/li>\n
  • Use a Password Manager<\/a> to store long, strong and unique passwords for all your accounts, out of reach of a snooper.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

How Trend Micro can help<\/strong><\/p>\n

Trend Micro can help you fight against stalkerware on your Android device with Trend Micro Mobile Security<\/a>. It can scan your device before, during, and after a download to detect for:<\/p>\n\n\n\n\n
<\/td>\n\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Depending on the type of stalkerware, it could fall into any of the above categories\u2014but Trend Micro Mobile Security can help fight against all of them. Below are typical test examples of the protection processes it provides against Android malware, PUAs, and stalkerware.<\/p>\n

\"\"<\/p>\n

\"\"<\/p>\n

Trend Micro also offers protection from PUAs on PCs and Macs via Trend Micro Security<\/a>, to deal with the broader threat of stalkerware across multiple fixed as well as mobile platforms. Trend Micro Antivirus for Mac<\/a> also provides protection against webcam hacks, which can be used for stalking.<\/p>\n

Together, both solutions can help protect you\u2014and your Windows and Mac desktops and Android mobile devices\u2014against stalkerware.<\/p>\n

Tags: Stalkerware, Antimalware, Antivirus, Endpoint Security, Mobile Security<\/p>\n

The post Stalking the Stalkerware<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Trend Micro| Date: Wed, 27 Nov 2019 20:54:33 +0000<\/strong><\/p>\n

\"A<\/p>\n

Ever get the feeling you\u2019re being followed? Unfortunately, when it comes to our digital lives, this is increasingly the case. But while we\u2019re all keen to boost our followers on social media, it\u2019s a different matter when it comes to anonymous third parties secretly stalking us online. Yes, we\u2019re already tracked by ISPs every time…<\/p>\n

The post Stalking the Stalkerware<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[666],"class_list":["post-17027","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-uncategorized"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17027","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17027"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17027\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17027"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17027"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17027"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}