Anti-Virus companies and Digital Rights Organizations are teaming up to form a coalition. That coalition is to take on stalkerware.
Malware has been around for quite a long time now. Adware is one such example where software is installed often without the device owners knowledge to display ads right on the desktop. Viruses and Trojan Horses are almost always installed without the device owners knowledge. The nature of the malware varies widely, ranging from getting a device to take part in a botnet, stealing login credentials, or, in some cases, disabling the target device entirely. Then there are other forms of malware like spyware and ransomeware where we could go on and on about what sorts of things they can generally do.
One form of malware, however, is relatively new and is only recently getting attention: Stalkerware. A quick and dirty explanation is that this software is installed on a device without the owners knowledge. The Stalkerware then sends information about the device back to the malicious third party actor. Things that can be sent back include when the device is on, GPS coordinates, text messages sent and received, and what websites are being viewed to name a few examples.
More attention is about to be directed towards this particular type of malware. That is thanks to the Coalition Against Stalkerware. This coalition is backed by major anti-virus companies and digital rights organizations. The Electronic Frontier Foundation (EFF), one of the backing organizations behind the coalition, issued a statement on the newly formed organization:
Groups supporting targets of domestic abuse are seeing a growing number of victims seeking help about stalkerware. According to Kaspersky, the number of its antivirus users finding stalkerware on their devices rose by 35%, from 27,798 in 2018 to 37,532 in 2019. The threat landscape for stalkerware has also widened, as Kaspersky has detected 380 various forms of stalkerware in the wild in 2019—31% more than a year ago.
The Coalition Against Stalkerware aims to provide help for victims and bring leaders in antivirus technology together to establish best practices for ethical software development. As a first step, the coalition’s founding members have created a proper definition of stalkerware—distinguishing it from surveillance software used for legitimate purposes—and reached consensus on criteria for detecting it.
Going forward, the coalition will work together to call attention to and warn people about the apps, educate consumers about how stalkerware works and how to spot and remove it on phones, provide online resources and help for stalkerware victims, and push antivirus makers to build stalkerware detection into their products.
The coalition launched an online portal today, stopstalkerware.org, with links to stalkerware survivor stories, a map identifying states with anti-stalkerware laws, and groups that provide support and services for victims of domestic violence.
The website itself currently shows off who is behind the organization. There is only a handful of posts so far, but they also have an information page on the legalities of Stalkerware and what Stalkerware is.
Obviously, this is a growing threat, so it is good news that there is going to be at least one organization devoted to raising awareness and fighting the malware.
Drew Wilson on Twitter: @icecube85 and Facebook.
