June 4, 2020 |

Stalkerware makes invasive surveillance more personal than ever

F-Secure joins the Coalition against Stalkerware to help expand the company’s approach to safeguarding personal information. 

Helsinki, Finland – June 4, 2020: Cyber security provider F-Secure has joined the Coalition against Stalkerware to support the efforts of advocacy groups, software developers, security firms, and victims working to eliminate this new threat.

Stalkerware can be generally defined as surveillance software that enables the monitoring of an individual without consent for purposes of harassment, stalking or other forms of abuse. Providers of these tools often hide them in plain sight by marketing them as benign or even helpful apps.

In February, F-Secure’s Tactical Defense Unit analyzed one such app called KidsGuard.* The analysis found that the app can be installed on a phone without the user’s permission or awareness to obtain GPS locations, account name, on-screen screenshots, keystrokes, and also access to photos, videos, and browser history.

Since then, F-Secure’s researchers saw stalkerware activations increase as the shelter-in-place orders related to Covid-19 began in early March. Even today, detections have remained higher than before the pandemic forced people into isolation, indicating a small but sustained increase in the use of these apps.

“Stalkerware evolved from the same culture of mass surveillance and data collection that now pervades the internet,” said F-Secure Vice President Christine Bejerasco, who leads F-Secure’s Tactical Defense Unit (TacDef). “But what makes this a threat that hits closer to home is these simple-to-use apps can be installed on an Android device either from an obscure website that hosts the app or from app stores in spite of attempts to stop them. This puts these intrusive surveillance capabilities into abusers’ hands.”

The most prevalent stalkerware app detected by TacDef is Cerberus. The software markets its features as tools for monitoring a child or protecting a stolen device. However, many of the app’s advertised capabilities are easy for a stalker to weaponize. For example:

  • Taking pictures of thieves can give a stalker access to the device’s photos
  • Backing up data can give a stalker access to all the information stored on their victim’s device
  • Setting secure areas and receiving alerts when the device enters/exits the area can allow a stalker to monitor their victim arriving and leaving specific places

“We’re committed to protecting F-Secure’s customers from the culture of pervasive surveillance and data collection that’s consuming our digital lives,” said Bejerasco. “Joining this coalition of like-minded organizations will enable us to address this threat on a wider scale.”

The coalition’s goals include improving the identification of unwanted, potentially abusive technologies throughout the industry, and raising awareness about stalkerware threats.

More information on the Coalition against Stalkerware is available on its website.

*Source:  https://techcrunch.com/2020/02/20/kidsguard-remove-stalkerware/

 

About F-Secure
Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing the unmatched threat intelligence of hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks, airlines, and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

f-secure.com | twitter.com/fsecure | linkedin.com/f-secure 

 

F-Secure media relations

Adam Pilkey

+358 40 637 8859

 

Latest Press Releases

June 9, 2020

Overwhelming identity theft risks demand a new approach to securing personal information

F-Secure launches ID PROTECTION to fight back against data breaches with a fast and comprehensive solution for data security.

June 4, 2020

Stalkerware makes invasive surveillance more personal than ever

F-Secure joins the Coalition against Stalkerware to help expand the company’s approach to safeguarding personal information. 

May 29, 2020

A start button for securing cloud-based email

F-Secure Cloud Protection for Microsoft Office 365 is built to secure inboxes as businesses move to cloud-based email services.

May 26, 2020

Research finds Android handsets suffer from region-specific security issues

Region-specific settings and configurations leave users vulnerable in some countries but not others.   

%d bloggers like this: