Stalkerware (or spouseware) is a class of commercial software designed for spying on the user of the device on which it is installed.
Unlike Trojan spyware, stalkerware is not considered malicious; its developers sell it openly and market it as useful apps, such as parental controls. Also, to install stalkerware an attacker usually needs to have physical access to the victim’s device.
At the same time, stalkerware differs from useful apps by virtue of its secrecy: These programs do not show user notifications, and they often conceal their very existence on the device, for example by hiding their icons from lists of installed apps. Some stalkerware mimics other programs, including system applications, and for this reason, some classify stalkerware as riskware — potentially dangerous software.
Stalkerware functionality
Capabilities vary from one app to another, but most are able to do the following:
- View photos, videos, and other files on the device;
- Read information entered from a physical or virtual keyboard;
- Take screenshots, record video and audio;
- Read messages on instant messaging and social media apps;
- Track device location;
- Intercept SMS messages, tap telephone conversations;
- Transfer the information collected to a server.
Some stalkerware-type apps can independently acquire unlimited privileges on the device. Others may require the user to give permissions manually.
Some stalkerware-type apps detect antivirus and other security programs on the device and require the user to remove or disable them. Stalkerware can also warn its operators that the victim has installed an antivirus app or is trying to remove the spyware.
How to detect stalkerware
Possible warning signs of a stalkerware app on a device:
- Decreased battery life and increased Internet usage;
- Requests to grant permissions, such as access to the camera, microphone, location, and Android Accessibility services, from apps that do not need those permissions to function.
Certain antivirus programs, as well as purpose-built software and hardware, can also detect stalkerware.
Legality of using stalkerware
In many countries, stalkerware is not prohibited by law, or in some cases its legal status is ambiguous. Using such programs with criminal intent may be illegal, however. In particular, in some countries, a stalker may be held liable for spying on an intimate partner without their consent.