Beyond ads promising to expose a cheating spouse or track a long-lost love with software, there's stalkerware, a type of spyware that is similar to commercial malware. Stalkerware is as invasive as it sounds, and can be used as a form of domestic abuse, harassment, and sexual violence also known as intimate partner violence (IPV).
At Black Hat 2021, Lodrina Cherne, Principal Security Advocate at Cybereason, and Martjin Grooten, a security consultant who is also a coordinator at the Coalition Against Stalkerware, broke down how stalkerware works, how it fits into a cycle of domestic abuse enabled by technology, and what Silicon Valley can do about it.
Checking In or Stalking?
Ten percent of the 2,000 US adults surveyed by NortonLifeLock last year admitted to using an app to monitor an ex or current partner’s text messages, phone calls, and other communications. Men were 2.5 more likely than women to engage in this behavior. Younger adults were more likely to believe stalking is harmless, as 65% of the 18- to 34-year-olds surveyed said they have checked in on a current or former significant other.
So when does checking in become abuse? According to the US-based National Network to End Domestic Violence, any form of non-consensual surveillance creates the potential for a power imbalance in a relationship. Every person has a right to privacy, and violating that right, even if you’re just curious, has the potential to be abusive, the organization says.
How Does Stalkerware Work?
Stalkerware is hard-to-detect (and remove) software installed on mobile devices that makes it possible for another person to monitor and record another person’s activities without their consent. Cherne said stalkerware is most commonly seen on Android devices because Android allows users to disable security protection on their devices. Stalkerware can be found on older, unpatched iOS devices, but Cherne said abusers typically concentrate on iCloud access or custom hardware, like keyboards with built-in keyloggers for stalking iOS or macOS users.
There are apps marketed for spying purposes, but abusers may also use common tech features like remote-controlled Internet of Things devices, parental control software, family locator services, the Find My feature on iOS devices, or even access to the family desktop computer.
Cherne and Grooten emphasized that tech abuse rarely involves hacking. Most stalkerware apps are installed through physical access to an unlocked device, require no special technical skills, are affordable, and can monitor a lot of activity.
“[The apps] are hidden from the user," Cherne explained. "The activity that can be monitored includes real-time phone conversations... It's pretty scary."
How to Support Survivors
If you know someone who believes they may have stalkerware installed on their computer or another device, Grooten said to take a look at the wider problem before removing the software, because that option may not be the safest.
“The abuser will find out, and this sometimes leads to escalation of the abuse," he said. "Always allow the survivor to decide what to do."
Stalkerware itself isn’t usually the problem, it’s the relationship. Even if you manage to remove the software from the device, that doesn’t mean the issue is solved.
Grooten said it’s important to take survivors seriously, listen to their concerns, and follow their plan of action. Ultimately it’s their lives and their relationships at the center of this issue, and as a bystander, sometimes all you can do is lend a sympathetic ear or recommend online or community resources.
Eradicating Stalkerware
Cherne said it’s important for industry leaders to think about how their technology could be used against IPV survivors. It all starts with the design process. If designers are made aware of how their creations are being used for harm, they can put more effort into making sure the products they dream up won’t become the stuff of nightmares.
Keep reading PCMag for more Black Hat coverageBlack Hat coverage.