The temptation is there: a family member forgets his cell phone on the table and the curiosity arises to snoop on the WhatsApp , the calls received or what web pages this person has visited, especially if doubts arise about fidelity as a couple. This temptation is not new but beyond getting the victim’s cell phone and browsing its content, there are now tools that do that dirty work without the knowledge (or consent) of it. This phenomenon has a name and has been baptized as stalkerware (something like “stalker virus”), and the bad news is that anyone can be spied on without being aware of it. How to detect if the mobile is affected by this software?
“Unlike parental control applications, these are not visible on the victim’s mobile”
Before analyzing the keys to detect this spy in the mobile, it is convenient to know how exactly the stalkerwareoperates . These applications have an operation very similar to that of malware or viruses: they are installed in the victim’s terminal and once there they begin to register all kinds of activity that is subsequently sent to a server accessed by the spy. However, this technique is not exactly the same: “Unlike malware, which is installed massively, this software is installed by someone who has access to the mobile phone, ”explains Fernando El Suarez, vice president of the General Council of Colleges of Computer Engineering, who also qualifies another important peculiarity of this type of apps: “Unlike parental control applications, these are not visible on the victim’s mobile.” But … how to know if a mobile is being spied using stalkerware ?
Appearance of unexpected pop-ups in the browser
The popular radio show in the United States, Kim Komando, warns that one way to discover a mobile victim of this espionage is through the sudden appearance of pop-up windows in the browser. These are unusual behaviors that should not be minimized by the victim. Similarly, a sudden increase in spam in email and receiving text messages from strangers too often should be grounds for triggering alarms.
Did the phone temporarily disappear?
If the strange behavior of a device has been preceded by a temporary loss of it (for example, it is left in one room and after searching for it, it appears after a few hours in another), this terminal is likely to have been temporarily stolen to install these programs . Experts remind us that it takes a few minutes with the mobile in hand to install these apps.
The battery suddenly lasts much less
A mobile with stalkerware works much more than a clean one, and this activity has its logical impact on battery life. If a sudden decrease in its performance is detected, accompanied by any of the other situations mentioned above, it is necessary to suspect and take the necessary measures.
The mobile is constantly overheating
As a continuation of the battery consumption, a mobile affected by this evil has to perform many more tasks than another clean and this also results in an increase in the temperature of the battery .
Install apps outside app stores
It is not a symptom in itself, but if any of these atypical behaviors are detected after having installed an application outside the official stores (App Store or Google Play), the possibility that the terminal has been infected is triggered. Both Apple and Google take the security of their platforms very seriously, and it is therefore highly recommended to install apps from their official stores. The good news for iPhone owners is that this device is hardly vulnerable to this attack since Apple forces to install all its apps through the store; Android is more likely to be attacked because it is feasible to install applications out of Google’s control.
What to do if there are suspicions? The most advisable thing is to carry out a restoration of the equipment to the factory values, although additionally it is recommended to install software that can detect this phenomenon. “In 2018, we identified more than 26,000 stalkerware applications, ” explains Daniel Creus of Kaspersky Security, to give a real dimension of the problem. This company has recently modified its mobile security applications to address this phenomenon.