Stalkerware makes invasive surveillance more personal than everF-Secure joins the Coalition against Stalkerware to help expand the company’s approach to safeguarding personal information.
Helsinki, Finland – June 4, 2020: Cyber security provider F-Secure has joined the Coalition against Stalkerware to support the efforts of advocacy groups, software developers, security firms, and victims working to eliminate this new threat.
Stalkerware can be generally defined as surveillance software that enables the monitoring of an individual without consent for purposes of harassment, stalking or other forms of abuse. Providers of these tools often hide them in plain sight by marketing them as benign or even helpful apps.
In February, F-Secure’s Tactical Defense Unit analyzed one such app called KidsGuard.* The analysis found that the app can be installed on a phone without the user’s permission or awareness to obtain GPS locations, account name, on-screen screenshots, keystrokes, and also access to photos, videos, and browser history.
Since then, F-Secure’s researchers saw stalkerware activations increase as the shelter-in-place orders related to Covid-19 began in early March. Even today, detections have remained higher than before the pandemic forced people into isolation, indicating a small but sustained increase in the use of these apps.
“Stalkerware evolved from the same culture of mass surveillance and data collection that now pervades the internet,” said F-Secure Vice President Christine Bejerasco, who leads F-Secure’s Tactical Defense Unit (TacDef). “But what makes this a threat that hits closer to home is these simple-to-use apps can be installed on an Android device either from an obscure website that hosts the app or from app stores in spite of attempts to stop them. This puts these intrusive surveillance capabilities into abusers’ hands.”
The most prevalent stalkerware app detected by TacDef is Cerberus. The software markets its features as tools for monitoring a child or protecting a stolen device. However, many of the app’s advertised capabilities are easy for a stalker to weaponize. For example:
- Taking pictures of thieves can give a stalker access to the device’s photos
- Backing up data can give a stalker access to all the information stored on their victim’s device
- Setting secure areas and receiving alerts when the device enters/exits the area can allow a stalker to monitor their victim arriving and leaving specific places
“We’re committed to protecting F-Secure’s customers from the culture of pervasive surveillance and data collection that’s consuming our digital lives,” said Bejerasco. “Joining this coalition of like-minded organizations will enable us to address this threat on a wider scale.”
The coalition’s goals include improving the identification of unwanted, potentially abusive technologies throughout the industry, and raising awareness about stalkerware threats.
More information on the Coalition against Stalkerware is available on its website.
Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing the unmatched threat intelligence of hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks, airlines, and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.
Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.
F-Secure media relations
+358 40 637 8859
Latest Press Releases
F-Secure launches ID PROTECTION to fight back against data breaches with a fast and comprehensive solution for data security.
F-Secure joins the Coalition against Stalkerware to help expand the company’s approach to safeguarding personal information.
F-Secure Cloud Protection for Microsoft Office 365 is built to secure inboxes as businesses move to cloud-based email services.