Who's watching you? How stalkerware leads to real-world violence

Online stalking can be hard to detect but often results in real-world violence.

In 2020, a young Singaporean woman was distressed to see posts appearing on her Facebook sharing heated text conversations she'd had with her husband, Nicholas Wang Weichou.

It emerged that Wang had been monitoring her calls and messages and had accessed her social media through a stalkerware app he'd installed on her phone. Wang was sentenced to jail earlier this year.

This was by no means an isolated incident. According to Kaspersky, a quarter of people globally have been stalked by a partner using technology — and, shockingly, 30 percent said they had no issue with monitoring their partner themselves under certain circumstances.

And in many areas of the world, it's a growing problem, with research from Avast showing that in the year following the first Covid lockdown in the UK, there was a 93 percent increase in the use of spyware and stalkerware apps.

"ICT technologies are powerful tools for perpetrators exerting coercive control, especially in relationships where violence is already present offline," said Berta Vall Castelló and Anna McKenzie from the European Network for the Work with Perpetrators of Domestic Violence, commenting on the findings.

What is stalkerware?

Stalkerware, usually installed secretly on a mobile phone, allows a jealous spouse, for example, to track the physical location of the victim and monitor activity such as sites visited, phone calls and text messages.

And its use can often be a precursor to real-world harassment or worse, with Kaspersky's research showing a strong correlation globally between online stalking and real-world violence or abuse.

Many tracking apps are pitched at parents wanting to keep tabs on their children and are easy to find in the App Store or on Google Play. However, apps such as these are usually obvious to the user, and Apple phones will generally need to be jailbroken for anything to be installed on the sly.

However, rather less wholesome apps exist, and can, depending on circumstances, be sneakily installed without the user's knowledge. These have started to come under the spotlight over the last year, with a number of court cases around the world in which stalkerware suppliers have been prosecuted. Last year, for example, the FTC, for the first ever time, banned a stalkerware maker, SpyFone, from the surveillance industry.

In a recent report, VPNoverview cites mSpy, Spyera, Flexispy, Umobix, Ikey Monitor, and Clevguard as commonly-used spying apps, some of which even allow call recording, keystroke recording, and remote capture of screenshots.

Apps like these use misleading app titles or icons, mimicking a calculator, calendar, or battery management app. Prior to Android version 11, indeed, some apps could even be configured to hide their icons from the home screen altogether.

It's also possible for an abuser to sidestep the requirement that an iPhone be jailbroken by, for example, offering a phone as a gift with the stalkerware already installed. Indeed, there are even organizations that will send such a poisoned phone straight to the victim, delivered in factory packaging.

Telltale signs

There are, though, certain signs that stalkerware may have been installed on the phone. It may, for example, start experiencing random reboots, slow performance, and unusually high data use.

Other signs include overheating, a fast-draining battery, and taking a long time to shut down. Sometimes the user receives strange text messages, or the phone makes unusual sounds.

But the only way to be sure is to go through every single app on the phone, opening it to make sure that it is what it purports to be. App icons may be hidden but should appear in the main apps list. Alternatively, certain virus programs can detect and remove stalkerware.

However, Kaspersky points out it is often a bad idea to remove stalkerware or alter settings — this may alert the perpetrator and could erase important data or evidence that could be used in a prosecution.

Over the last year or two, there have been legislative moves to limit the use of stalkerware. Last year, Japan made it illegal to track location data without a user's permission.

The US Federal Trade Commission (FTC) banned Android app supplier Support King from selling its SpyFone app - the first ban of its kind - and the European Commission has published a proposal for a directive that would, amongst other things, criminalize cyberstalking.

All the same, more needs to be done. With the advent of home automation, for example, there are more and more opportunities for an abuser to track their victim's whereabouts and activities. Future legislation needs to be sufficiently broad and clear to give stalkers no place to hide.

More from Cybernews:

Ukrainian cybercrime suspect with Russian ties arrested after years on the run

Price of corporate espionage: Chinese intel officer sentenced to 20 years in Ohio

Twitter might finally introduce encrypted DMs

Microsoft partners up with tech firm to build supercomputer

Iran-sponsored actor breached US federal agency

Subscribe to our newsletter