Malicious apps in the Android ecosystem isn’t news to anyone and in a new turn of events, cybersecurity researchers found a total of seven apps on the Play Store that allowed users to snoop in on someone else’s phone activity.
The seven apps combined had been installed a total of 130,000 times with the two most popular apps Spy Tracker and SMS Tracker installed more than 50,000 times each.
According to researchers at Avast, all the seven apps “were likely designed by a Russian developer” and allowed “people to stalk employees, romantic partner, or kids”.
These apps were able to collect the target device’s location, contacts, SMS and call history. The stalkerware apps, which have been now removed, were published under the following names:
- Track Employees Check Work Phone Online Spy Free
- Spy Kids Tracker
- Phone Cell Tracker
- Mobile Tracking
- Spy Tracker
- SMS Tracker
- Employee Work Spy
How do the stalkerware apps work?
The aforementioned apps would require the snoop (eavesdropping tech) to gain access to the phone that the user wants to spy on. Once in place, the snoop will silently download the stalkerware/spyware apps from the Google Play Store without the targeted user knowing as the snoop also helps in hiding any indicators from the targeted device. Even when an app is remotely set up by a user on the target device, no app icon is created on the home screen.
Following are the excerpts of Play Store descriptions for SMS tracker and Spy tracker apps, as first reported by Avast. These will help you get an idea of what the stalkerware apps were all about.
- SMS Tracker: “Our app will help you monitor work time of your employees to save time and save money. Notify the users of work phones that you are going to install the app. It will teach your employees to use their time at work wisely, to reduce time spent on messengers and arrive to work in time.”
- Spy Tracker: “Find out more about your child’s life, interests, friends and plans. Parents are responsible for every step that their kids make. So this app is created to monitor them and protect them from dangers that can be revealed via cell phone. It is better to talk to children, but if you are not a good listener…”
“These apps are highly unethical and problematic for people’s privacy and shouldn’t be on the Google Play Store,” Nikolaos Chrysaidos, Avast’s head of mobile threat intelligence and security, who identified the apps said. “They promote criminal behaviour and can be abused by employers, stalkers or abusive partners to spy on their victims. We classify such apps as stalkerware.”