Slashdot Mirror
Kaspersky Lab Will Warn You If Your Phone is Infected With Stalkerware (cnet.com)
Kaspersky Lab said today it would start flagging stalkerware as malicious, and warn people through its Android app when stalkerware is installed on their phones. In 2018 Kaspersky Lab detected stalkerware on 58,487 mobile devices. From a report: Stalkerware is frequently used by stalkers and abusers to spy on people through their phones. It essentially turns victims' phones into surveillance devices, letting an attacker track a person's every step and listen in on every word. Stalkerware is quietly installed on people's devices, and then accesses personal data including GPS location, text messages, photos and microphone feeds. You don't have to be an expert to get your hands on it -- stalkerware is sold online, for as little as a few hundred dollars. Some purveyors offer subscription plans for $68 a month, according to Kaspersky Lab.
Kaspersky Lab said it was motivated to start flagging stalkerware apps after speaking with Eva Galperin, the Electronic Frontier Foundation's head of cybersecurity. "As a result, we now flag commercial spyware with a specific alert which warns users of the dangers stalkerware poses," Alexey Firsh, a security researcher at Kaspersky Lab, said in a statement. "We believe users have a right to know if such a program is installed on their device."
Kaspersky Lab said it was motivated to start flagging stalkerware apps after speaking with Eva Galperin, the Electronic Frontier Foundation's head of cybersecurity. "As a result, we now flag commercial spyware with a specific alert which warns users of the dangers stalkerware poses," Alexey Firsh, a security researcher at Kaspersky Lab, said in a statement. "We believe users have a right to know if such a program is installed on their device."
1. Why did Kaspersky (apparently) not previously mark this "stalkerware" as malware? Since it is, you know... malicious? Makes no sense. Why even make the distinction between "stalkerware" and "malware" at all? Both are the same thing.
2. Does this mean that Kaspersky will show warnings on 100% of all "mobile phones", then, since 100% of these surveillance devices are used for stalking you?
3. How can this "stalkerware" be said to "turn[s] victims' phones into surveillance devices" when they already *are* surveillance devices by design, and impossible to escape? No sane human being walks around with these things, or talks to anyone who wears one or has one nearby.
4. How does this "stalkerware" end up on the victims' surveillance devices in the first place?
Bonus question: can somebody tell me of an .onion that lets me enter any phone number and then get a JSON blob with the last 10,000 GPS positions for that phone? Payments over Bitcoin, please.