Kaspersky shares state of stalkerware in 2020

Woburn, MA – February 26, 2021 – Today Kaspersky released “The State of Stalkerware 2020” report, which captures the incidence of the secret surveillance software often used in cases of domestic violence. The report found that 53,870 mobile users were affected globally by stalkerware in 2020. The figure is a slight drop from the year before, when 67,500 mobile users were affected, but the yearly curve began to rise again in the second half of 2020, after some lockdown measures were lifted.

Global prevalence

Stalkerware is a form of cyberviolence, affecting people in countries regardless of size, society, or culture. Russia, Brazil, the United States, India and Mexico were the top five countries where users were most impacted in 2020. The U.S. passed India, rising on the list from fourth in 2019 to third, with 4,745 users affected.

Germany was the top European country, occupying sixth place in the global rankings. Iran, Italy, the United Kingdom and, lastly, Saudi Arabia complete the ten most affected nations.

stalkerware226.png

Table 1 – 2020 Top ten most affected countries by stalkerware – globally

“We see the number of users affected by stalkerware has remained high and we detect new samples every day,” said Victor Chebyshev, research development team lead, Kaspersky.  “It’s important to remember that there is somebody’s real life story behind all these numbers, and sometimes there is a silent call for help. Therefore, we are sharing our part of the picture, with the community working to end the use of stalkerware in order to have a better understanding of the issue. It is clear that we all need to share what we are finding so we can further improve detection and protection for the benefit of those affected by cyberviolence.”

Action against cyberviolence

In 2021, Kaspersky joined forces with four partners to work on the EU-wide “DeStalk” project, which the European Commission chose to support with its Rights, Equality and Citizenship Program.

In 2019, Kaspersky co-founded, along with nine other organizations, the Coalition Against Stalkerware, which now has 30 members from five continents. The Coalition aims to improve industry detection of stalkerware, mutual learning from non-profit organizations and companies, and raise public awareness.

“The member organizations in the Coalition Against Stalkerware have made tremendous strides in the last year, including awareness-raising, detection of stalkerware, and research into the daily lives of survivors of domestic abuse,” said Eva Galperin, director of cybersecurity, electronic frontier foundation, in comments on the Coalition’s first anniversary. “The Coalition has enabled us to take a holistic approach to a complex problem. There is no simple solution and we must keep pushing forward on many fronts.”

Additionally, in November 2020, Kaspersky released a free anti-stalkerware tool, called TinyCheck, in order to help non-profit organizations support victims of domestic violence and protect their privacy. Its unique feature enables those organizations to detect stalkerware and inform affected users without making the perpetrator aware. The tool is supported by the IT security community and constantly updated with their help.

Users can check if their mobile device has stalkerware installed by looking for the following signs:

  • Check permissions in installed apps: Stalkerware applications may be disguised under a fake app name with suspicious access to messages, call logs, location, and other personal activity. For example, an app called “Wi-Fi” that has access to your geolocation is a suspicious candidate.
  • Delete apps that are no longer being used. If the app has not been opened in a month or more, it is probably safe to assume it is no longer needed. If this changes in the future, it can always be reinstalled.
  • Check “unknown sources” settings on Android devices. If “unknown sources” are enabled on your device, it might be a sign that unwanted software was installed from a third-party source.
  • Check your browser history. To download stalkerware, the abuser will have to visit some web pages the affected user does not know about. Alternatively, there could be no history at all if the abuser wiped it.
  • Use proven cybersecurity protection, such as Kaspersky Internet Security for Android, which protects you against all kinds of mobile threats, including stalkerware, and runs regular checks on your device.

Before removing stalkerware from a device:

  • Do not rush to remove stalkerware, since the abuser may notice. It is very important to consider that the abuser may be a safety risk. In some cases, the person may escalate their abusive behaviors in response.
  • Contact local authorities and service organizations supporting victims of domestic violence for assistance and safety planning. A list of relevant organizations in several countries can be found on stopstalkerware.org.
  • Consider whether you want to preserve any evidence of the stalkerware prior to removal.
  • Trust your gut instinct and do what feels safest to you.