The Growing Danger of Stalkerware: How to Find, Remove and Report it

by Reese Kimmons, MS ISA

What is stalkerware?

“Stalkerware” is a term used to describe applications that secretly track the activities of the users of the devices on which they are installed.  Many apps used as stalkerware are actually marketed as tools parents can utilize to monitor their children’s online activities and track their locations in order to keep them safe. 

Distressingly, these parental monitoring tools, along with apps specifically designed for cyberstalking, are being widely used by domestic violence abusers. These criminals install the programs on their victims’ computers or mobile devices and use them to track their every move without their knowledge.

Stalkerware is nothing new.  In fact, National Public Radio did a story about it back in 2014. 

NPR found that, within the 70 domestic abuse shelters they surveyed, 85% reported that they were working with victims whose abusers tracked them via their devices’ GPS.  Additionally, 75% reported that abuse victims under their care unknowingly had apps installed on their mobile devices that allowed their stalkers to secretly eavesdrop on their conversations. 

According to a study published by Northwestern University, 53,870 mobile device users in the U.S. were found to have been victimized by stalkerware in 2020.  The problem continues to grow.

This article will do a deep-dive into stalkerware, the information it collects, how you can avoid becoming a victim, and how you can identify stalkerware and safely remove it from your devices.

Woman typing 'Stalking' into computer

How is stalkerware installed and what data does it collect?

Typically, a stalkerware app is manually installed on the victim’s device by someone close to that person.  This could be the victim’s partner, former partner, spouse, coworker, boss, or even the victim’s parent.  

Unfortunately, once installed, stalkerware apps can allow criminals to monitor just about anything their victims do while using their devices. 

Stalkerware can monitor the following:

  • Tracking browsing history
  • Tracking physical location
  • Listening in on phone calls and other conversations
  • Reviewing call logs
  • Reading text messages
  • Accessing contacts
  • Reading emails
  • Viewing images
  • Accessing the device camera

Protecting your devices from stalkerware

There are some steps you can take to minimize the chances that stalkerware will be installed on your computer or mobile devices.  Implementing these recommendations will also raise your overall level of cybersecurity.

Since installing stalkerware usually requires that your stalker or an accomplice has direct access to your device, never leave your devices unattended or unsecured. 

This is especially true if you are in a public location.  Keep your devices with you at all times.  

Make sure you use a screenlock and that you protect access to your device using facial recognition or a PIN that only you know. 

Use strong account and device passwords.  Passwords should be complex combinations of upper and lowercase letters, numbers, and special characters.  They should be at least 12 characters in length.

Someone may try and trick you into downloading stalkerware by sending you a link.  Don’t click on download links in emails, texts, or social media messages. 

Do your own research about the recommended app and, if you have an Android or iOS device, only download applications from the Apple App Store or Google Play.  Downloading apps from other platforms is risky as the apps likely haven’t been extensively reviewed for safety. 

Be sure you read some reviews and look at the app ratings to learn exactly what an app does before downloading it.  Find out what information the app will collect and how the data will be shared.  Determine what access the app requires. 

Will it have access to your device camera and images?  Will it access your messaging and email services and your contacts? 

Weigh the convenience of having the app against the potential for invasion of your privacy.

Periodically review the apps installed on your personal computers and devices.  If you see any apps that you do not use and/or did not install and if you do not have any reason to believe you are currently being stalked, uninstall them. 

If you do suspect that you may be a stalkerware victim, read this article in its entirety before uninstalling any apps as doing so may alert your stalker

While you’re reviewing your installed applications, it’s also a good idea to review the security and access settings for each one to ensure that they do not have access to sensitive information that they shouldn’t need.

Be sure that all of your devices are running antivirus/anti-malware protection and that the applications are set to automatically download new virus definitions.  Make sure they are set to periodically scan for and address any threats.

Stalkerware can be difficult to detect

Applications designed with the legitimate intent to provide parents with monitoring capabilities and help keep their kids safe online are often misused by bad actors to stalk their victims, but these legitimate apps are usually fairly easy to find on a device. 

Spyware that’s designed specifically for stalking can, however, be very difficult to detect and is designed to hide itself from the device user. 

There are steps IOS and Android device users can take to dig down and find apps that may otherwise be hidden.

iOS users:

  • Go to the Settings app
  • Scroll down to see a list of all apps
  • Make a list of any apps you don’t recognize
  • Go to Settings > Privacy and review the access these apps have to things like your camera, microphone, contacts, and location

Android users (note that this may vary depending on your device):

  • Go to Settings > Apps
  • Select any unfamiliar or suspicious apps to expand and view access permissions
  • Review the access these apps have to your camera, microphone, contacts, location, etc.

Carefully review these apps looking for anything suspicious.  Their names may be purposely deceptive and may appear similar to those of legitimate apps. 

Parental monitoring and stalkerware apps are readily available for both Android and iOS devices, so neither operating system is more susceptible to infection than the other.

Other indicators of stalkerware infection may include your device mysteriously going missing, then reappearing sometime later.  This may indicate that a bad actor temporarily acquired your device to install stalkerware. 

Also, if you’ve loaned out your device, the likelihood that unwanted applications, possibly including stalkerware, have been installed is increased.

Is stalkerware illegal?

There is no simple yes or no answer to this question.  There are too many variables. 

If, for example, someone with your permission to access your device installs a legitimate child monitoring app, that act, in and of itself, would not violate any law. 

If, on the other hand, a criminal under a restraining order prohibiting any contact with you temporarily absconds with your phone, installs stalkerware to monitor your activities, then returns your device without you noticing, then that is a very different matter. That person should be prosecuted. 

The apps, themselves, most likely aren’t illegal in your area.  It’s how they are used that could violate applicable law.

Recommended Reading: How Apple AirTags, Tile Trackers and LandSeaAir have made stalking and unwanted personal tracking much easier

Six common stalkerware apps to watch out for

In addition to the legitimate parental monitoring apps often misused by cyber stalkers, there are some popular stalkerware apps designed specifically to facilitate the covert monitoring of targeted individuals. 

The names of two of the most popular of these apps indicate that they are intended to help employers monitor their staffers, but they could be used to stalk any target. 

Six popular cyberstalking apps available for download are:

  1. Track Employees Check Work Phone Online Spy Free
  2. Phone Cell Tracker
  3. Mobile Tracking
  4. Spy Tracker
  5. SMS Tracker
  6. Employee Work Spy

If you find any of these apps installed on your device, immediately take the actions recommended in the next section.

If you believe you’re a victim of stalkerware…

First, it’s important to note that anyone tracking your device will be alerted if you uninstall the stalkerware. 

It’s best to seek help before taking any action on your own.  Immediately discontinue use of the device and contact your local law enforcement agency. 

If you’re involved in a court action with your stalker, perhaps you already have access to a shelter, advocacy group, or attorney who could help you with a plan of action. 

Domestic violence advocacy groups can provide a tremendous amount of help to stalking victims.  They can assist you with formulating a safety plan and providing you with the resources and support you need to stay safe and to remove the threat from your device(s).

image of CCTV watching computer keyboard

If there is no immediate threat…

Perhaps your device is behaving strangely or you think someone may have had access to it and could have installed something you don’t want. 

You’ve carefully reviewed your installed apps and haven’t found anything that looks suspicious, but you’re concerned that there may be some stalkerware hiding somewhere on your device. 

If you have no reason to believe you are in danger and that removing the potential hidden threat would alert a stalker, here are some actions you can take to address the issue:

  • Do a factory reset of your device.  This will remove all information from your device including your installed apps and account data.  Be sure you run a backup of all your critical data before the reset.  You can then restore your data after the reset, but do not do a complete restore from backup as this may also reinstall the stalkerware app.
  • Buy a new device.  This will certainly ensure that any stalkerware is no longer monitoring your activities.  Just make sure that your device dealer doesn’t restore your old apps to your new device.
  • Reset all of your passwords.  Anyone monitoring your activities may also have the passwords for your online accounts.  Reset the passwords for all of your accounts.  Consider getting a password manager that will create and “remember” all of the complex passwords you’ll need and secure them for you.

Recommended Reading: 12 Tips to Manage Your Online Privacy and Protect Your Identity in 2022

Final thoughts

Certainly, given the proliferation of cybercrime and the growing number of criminals seeking out children as their potential victims, there is a place for quality parental monitoring tools. 

These legitimate applications allow parents to control and monitor the activities of their children while online and to protect them from those who would do them harm. 

Unfortunately, these same tools are being exploited by stalkers and domestic abusers seeking to wreak havoc upon their targets. 

Additionally, dedicated stalking apps specifically created to secretly monitor victims’ activities are also readily available and their use is increasing.  These apps are designed to hide themselves from their victims and are often very difficult to detect and remove.

Stalkerware victims should seek help immediately and should not attempt to resolve the issue on their own. 

Removing stalkerware will likely alert the criminal and may place the victim in additional danger. 

There are resources available to victims of cyberstalking including local law enforcement agencies and advocacy groups.  Victims may also wish to contact the U. S. National Domestic Violence Hotline at 800-799-7233.  The Coalition Against Stalkerware is another excellent source of information regarding this growing problem.  

If you believe you are a victim, do not try and resolve the issue on your own.  Take advantage of the assistance available.

About the Author:

Reese Kimmons is an experienced IT executive with an AAS in Applications Programming, a BS in IT Management and an MS in Information Security and Assurance. During his time in the IT industry, Reese has earned certifications in ethical hacking, forensics investigations, ISO/GIAC, and Cisco networking.

Leave a Comment

Your email address will not be published.