Thanks for signing up, a member of the Global PR team will be in touch with you shortly.
Stalkerware can be generally defined as surveillance software that enables the monitoring of an individual without consent for purposes of harassment, stalking or other forms of abuse. Providers of these tools often hide them in plain sight by marketing them as benign or even helpful apps.
In February, F-Secure’s Tactical Defense Unit analyzed one such app called KidsGuard.* The analysis found that the app can be installed on a phone without the user’s permission or awareness to obtain GPS locations, account name, on-screen screenshots, keystrokes, and also access to photos, videos, and browser history.
Since then, F-Secure’s researchers saw stalkerware activations increase as the shelter-in-place orders related to Covid-19 began in early March. Even today, detections have remained higher than before the pandemic forced people into isolation, indicating a small but sustained increase in the use of these apps.
"Stalkerware evolved from the same culture of mass surveillance and data collection that now pervades the internet,” said F-Secure Vice President Christine Bejerasco, who leads F-Secure’s Tactical Defense Unit (TacDef). “But what makes this a threat that hits closer to home is these simple-to-use apps can be installed on an Android device either from an obscure website that hosts the app or from app stores in spite of attempts to stop them. This puts these intrusive surveillance capabilities into abusers’ hands.”
The most prevalent stalkerware app detected by TacDef is Cerberus. The software markets its features as tools for monitoring a child or protecting a stolen device. However, many of the app’s advertised capabilities are easy for a stalker to weaponize. For example:
The coalition’s goals include improving the identification of unwanted, potentially abusive technologies throughout the industry, and raising awareness about stalkerware threats.
More information on the Coalition against Stalkerware is available on its website.
Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.
Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.
Sign up for media information from F-Secure.
Browse through our news by year.
Browse through our news by category.