COVID-19 has not only impacted global physical health, but also cyber health. The constant fixation on the Internet is indicative of the stalking behavior, and how perpetrators are using malicious online tactics to harass their targets. Digital security solutions provider Avast reported a 51% increase in the use of spying and stalking apps globally since the lockdown in March until June 2020, compared to January and February 2020.
India witnessed a 20% increase in the use of spyware and stalkerware apps. Stalkerware is a software designed in stealth mode, which allows people to spy on someone’s online activities like tracking their location, access their personal data, communications from WhatsApp and Facebook, eavesdrop on phone calls and make covert recordings of conversations without the target’s knowledge.
Avast has protected over 43,000 users across the globe from such malware since March 2020, with 3,531 users targeted in the U.S., 3,332 in India, and 3,048 in Brazil.
Avast researchers discovered three stalkerware apps in India, which are named after the Aarogya Setu app, India’s official COVID-19 app. If downloaded, the stalkerware installs along with the app and uses the original app permissions to get access to the AcessibilityService of the Android operating system. With these permissions, an attacker can access victim’s device data, make phone calls, get SIM serial number, read contacts, read and send text messages, record calls/audio, query call logs, and access device location and ID.
Avast research team has recommended certain security measures to defend against the threat of stalkerware:
- Secure your phone against all unauthorized physical access
- Install a good, mainstream antivirus product on your mobile phone
- Look for hotlines and victims’ services providers
Jaya Baloo, CISO, Avast said, “Stalkerware is a growing category of domestic malware with disturbing and dangerous implications. While spyware and info-stealers seek to steal personal data, stalkerware is different: it steals the physical and online freedom of the victim. Usually installed secretly on mobile phones by abusive spouses, ex-partners, so-called friends, and even concerned parents, stalkerware tracks the physical location of the victim, monitors sites visited on the internet, text messages and phone calls, undermining a person’s individual liberty and online freedom.”
