Smartphone NightCybersecurity

Kaspersky, Coalition Against Stalkerware continues fight for digital privacy

To mark International Day for the Elimination of Violence against Women, Kaspersky has introduced a special stalkerware and spyware detection tool — 12 months on from the foundation of the Coalition Against Stalkerware.

Stalkerware enables someone to secretly spy on another person’s private life via a smart device and is often used to facilitate violence against an intimate partner. The Coalition Against Stalkerware was established in November 2019 in response to this growing threat. To fight against technology-facilitated abuse, the initiative aims to unite both organizations that work to combat domestic violence and the IT security community.

“This is the first anniversary of the Coalition Against Stalkerware, and it has been quite a year in which we have learned a lot,” said Kristina Shingareva, head of External Relations at Kaspersky. “We now understand that stalkerware is not purely a technical problem. It’s not the IT part of the issue that is challenging, but the fact that we need to deal with the commercial availability of stalkerware, the lack of regulation around how it is being used and, perhaps the most difficult problem, the fact that violence against women and different forms of online abuse has been normalized.”

Kaspersky discovers phishing pages targeting PUBG accounts

Kaspersky predicts APT attacks will evolve in 2021

Within a year, the alliance has grown from 10 founding partners into a large international working group.

Certo Software, ECHAP, the German Institute for Technology and Journalism (ITUJ e.V.), Traced Ltd, and WESNET have recently joined the Coalition, which now has 26 partners.

Keeping technology safe for all

The Coalition considers stalkerware to be a growing problem that is, unfortunately, here to stay. In 2019, Kaspersky detected a 67% year-on-year increase of stalkerware usage on its users’ mobile devices at a global level. The number of stalkerware installations worldwide during the first 10 months of 2020 totaled to more than 48,500, which is close to the overall figure, which is almost 52,000 installations, observed over the same period in 2019. Although there is a slight decrease in numbers compared to last year, there is little reason to celebrate as there is still no indication that stalkerware is disappearing.

Kaspersky experts see incidents every day around the globe. It is important to stress that despite the risk that modern technologies can bring, survivors should not be discriminated against and should not stop using their devices.

“We have to make sure that survivors have access to safe internet, safe phones, and devices so that they can stay connected, reach out for help and, most importantly, be empowered to make the best decisions for themselves,” said Rachel Gibson, senior technology safety specialist at National Network to End Domestic Violence.

To help protect users against stalkerware, Félix Aimé, a security researcher in Kaspersky’s Global Research and Analysis Team (GReAT), has developed “TinyCheck,” a simple tool to detect stalkerware and spyware installed on smartphones and tablets, without making the perpetrator aware that such a check is being carried out.

“The idea came to me in a meeting while discussing the issue of stalkerware with a French women’s rights non-profit organization. The group wanted to help people who suspect stalkerware is running on their devices, without having to install additional applications or conducting forensic analysis,” said Aimé.

Raspberry Pi

This easy-to-use open-source tool relies on Raspberry Pi, a widely accessible platform. Using a regular Wi-Fi connection, TinyCheck scans a mobile device’s outgoing traffic and identifies interactions with known malicious sources, such as spyware-related servers. TinyCheck aims to help non-profit organizations, like service providers, support survivors of domestic violence to protect these individuals and their privacy.

The first version of the open-source tool is available now.

“We can provide technical training on different forms of tech-enabled abuse for the NPOs, but it’s not enough — it should be complemented with a chapter focusing on and reflecting survivors’ psychological experiences,” said Shingareva.

For users who suspect they may be affected or are being impacted by stalkerware, Kaspersky has the following recommendations:

  • Contact your local support organizations or the police. They can give you professional assistance if you are concerned about, or have found, stalkerware on your device. The Coalition Against Stalkerware website can provide a list of support organizations
  • Visit this site and watch an explanatory video by the Coalition Against Stalkerware, both of which are available in six languages (English, French, German, Italian, Portuguese, and Spanish), to find helpful information for survivors to better understand and detect the warning signs of stalkerware. The video lists common indicators to check if someone thinks they may be affected by stalkerware, and what steps they should and shouldn’t take
  • Use proven cybersecurity protection, such as Kaspersky Internet Security, to run a check on your device and discover if stalkerware has been installed on it