Advertisement
Advertisement
Cybersecurity
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
(Picture: Shutterstock)

Police in China uncover ‘stalkerware’ app that lets users spy on partners

Phone spyware can reveal a victim’s location and chat conversations

This article originally appeared on ABACUS

When police in Nanjing, a city in eastern China, went through the phone of a fraud suspect in July, they noticed something unusual: It kept getting notifications of the real-time location of a particular phone number.

Investigators tracked down the owner of the number, who was completely unaware he was being spied on. The man turned out to be just one of more than 60,000 people nationwide who had fallen victim to a piece of so-called stalkerware, according to a CCTV report.
Stalkerware is a type of spyware that’s deliberately installed on a target’s device to monitor their activities. It steals personal data such as messages, phone records and GPS location -- and relays them to the stalker. Around the world, people have used it to spy on partners and coworkers.
In this case in China, the victim’s wife believed her husband was cheating on her, so she purchased the spy app for 999 yuan (US$142) and secretly put it on his phone. Like most stalkerware, the program was “hidden” from the phone owner: No app icon was shown. Without him knowing, the wife also gained access to his WeChat conversations, call record and SMS content.

WeChat, the app that does everything

Police used her purchase record to find the app’s creator, who’s accused of selling spyware through some 40 agents around the country.

Police say the stalkerware can also direct the victim’s phone to surreptitiously record ambient sound and take video. (Picture: CCTV via Tencent Video)
Stalkerware is a growing issue that’s not limited to China. The Russian cybersecurity firm Kaspersky found this year that stalkerware victims live across the globe, with people in Russia, India, Brazil and the US accounting for more than half of all targets. In Europe, stalkerware is most prevalent in Germany, Italy and the UK. 

And it looks like the problem is getting worse. Between January and August, more than 37,500 Kaspersky clients encountered stalkerware -- up 35% from the same period last year. 

Google and Apple have tried to crack down on spy apps, but according to Kaspersky, many stalkerware apps aren’t obtained from official app stores like Google Play. Rather, they are downloaded through dedicated websites. 
One company selling such apps online was Retina-X, which marketed its software as parental tools. The firm stopped accepting orders after a hacking incident, and just last month, it became the target of the US Federal Trade Commission’s first case against a stalkerware maker. RetinaX was banned from selling its apps until it can ensure they won’t be used for illegitimate purposes.
Chinese police found WeChat conversations on the stalkerware’s servers. (Picture: CCTV via Tencent Video)
For anyone who suspects they’re being spied on, Electronic Frontier Foundation’s director of cybersecurity, Eva Galperin, suggests that you first check whether your email or social accounts may have been compromised. If a person has the password to your accounts, they can see all your emails and private chats without using stalkerware.
Other steps you can take include using a password manager that can generate strong, unique passwords and choosing a security question that your suspected stalker won’t be able to guess the answer to.

As easy as it is for potential abusers to find stalkerware on the web, these apps don’t just magically appear on a phone. In most cases, someone needs to have physical access to your unlocked phone to install the app. So make sure you lock your phone with a passcode whenever you’re away -- and keep your PIN to yourself.

If you suspect that stalkerware is already installed on your phone, there are antivirus apps designed to warn users when spyware is detected, and they offer an option to delete it or stop it from accessing certain information. Kaspersky, for instance, was one of the first cybersecurity firms to include that function after a campaign by Galperin.

Finally, if none of these measures work for you and you’re still suspicious, there is one drastic step you can take: A factory reset. This will eradicate all apps and files installed after the phone left the factory.

For more insights into China tech, sign up for our tech newsletters, subscribe to our Inside China Tech podcast, and download the comprehensive 2019 China Internet Report. Also roam China Tech City, an award-winning interactive digital map at our sister site Abacus.

Post