Stalkerware is monitoring software or spyware that is used for cyberstalking.[1][2] The term was coined when people started to widely use commercial spyware or monitoring software to spy on their spouses or intimate partners. Stalkerware has been criticized because of its use by abusers, stalkers, and employers.[3][4]
Definition and uses
Many information security experts and journalists[who?] apply the term stalkerware to any software (malicious programs and legitimate commercial monitoring products) that can be used or potentially be used for stalking.[5][6][7] The following features of stalkerware are distinguished:
powerful surveillance functions (key logging, making screenshots, monitoring of Internet activity, recording of location, recording video and audio);
ability to work in stealth mode (the user is not notified about being monitored);
the application is not visible in the list of installed programs;
the running application is disguised as system processes or utility programs);
correct installation and/or operation of the application requires disabling anti-viruses or the built-in protection in the OS;
in case of mobile applications, the app is usually installed from resources other than official app stores, although there have been cases of stalkerware in app stores;[5]
the software manufacturer positions its product as a means of tracking an intimate partner or a tool for parental monitoring, while, in fact, anybody can use it to access another person's phone, determine their GPS location, read private messages, see through cameras and hear microphones.[8]
History
According to a 2014 survey by NPR, 75% of domestic abuse shelters surveyed reported that they were working with individuals who had been tracked by their abusers via stalkerware.[9] The rising popularity of stalkerware led to an arms race between apps which helped users protect their privacy, and apps designed to circumvent those safeguards.[10]
Throughout its history, companies which develop stalkerware have been subject to numerous hacks and data breaches, many by hacktivists in protest of stalkerware's unethical applications.[11] Companies including mSpy,[12] Flexispy,[13] and KidGuard have been targets of breaches.[14]
In 2018, computer security specialist and activist Eva Galperin created a project to eradicate stalkerware.[15] Galperin has advocated for stalkerware to be seen as malware, and for phone and software companies to take steps to safeguard against the use of such programs.[7]
In 2020, Kaspersky Lab released a report on the state of stalkerware. Among its findings were that the United States, Russia and Brazil were the three countries most affected.[11]
Reception
Stalkerware has been criticized for its use by abusers to control and monitor their victims. The European Institute for Gender Equality released a report on stalkerware and cyberstalking's connection to domestic violence.[16][17] Guides on how to detect and disable stalkerware have been published by sites including Mashable,[18]Wired,[19] and CNET.[20]
The news organization Vice publishes "When Spies Come Home", an investigative series about the use of stalkerware, and various controversies surrounding the industry.[21]