Avast threat analysts found three stalkerware apps that are named after Aarogya Setu and use a similar icon.

Spying represented by a magnifying glassImage for representation
Atom Data Security Tuesday, July 21, 2020 - 20:10

Digital security and privacy products provider Avast has found a 20% monthly increase in the use of spying and stalker-ware apps in India since the lockdown in March as compared to the first two months of the year. Globally, a 51% increase has been observed in the use of such apps from March to June, in comparison to January and February 2020.

Stalkerware is a software that allows people to track someone's location, access their personal photos and videos, intercept emails, texts and app communications such as WhatsApp and Facebook, as well as eavesdrop on phone calls and make covert recordings of conversations over the internet, without the intended target's knowledge. 

Avast says it has also observed a number of COVID-19-related apps designed to spy on users, which collected more information about its users than required to function. 

Avast threat analysts have found three stalkerware apps in India that are named after India's official COVID-19 app, Aarogya Setu, and use an icon looking like, or reminding of the official app’s icon.

“When downloaded, the official Aarogya Setu app gets installed along with the stalkerware app. The stalkerware apps use the original app to get approval from the user to allow the collection of sensitive information. To spy on the user, it then uses the Accessibility Service of Android to get various permissions and have the ability to – make phone calls, get SIM serial number, read contacts, read phone state, read and send text messages, record calls/audio, access call logs, device location and ID,” Avast said in a media statement. 

The apps can also hide their icon, making it hard for the user to notice, and they also have the capability to mute the ringer.

Jaya Baloo, CISO (Chief Information Security Officer), Avast said, â€śStalkerware is a growing category of domestic malware with disturbing and dangerous implications. While spyware and info stealers seek to steal personal data, stalkerware is different: it steals the physical and online freedom of the victim. Usually installed secretly on mobile phones by so-called friends, jealous spouses, ex-partners, and even concerned parents, stalkerware tracks the physical location of the victim, monitors sites visited on the internet, text messages and phone calls, undermining a person’s individual liberty and online freedom.”

Avast says it has protected over 43,000 users globally from such malware since March 2020. This growing digital threat identified by Avast is set against the backdrop of an increase in domestic violence during lockdown, called a “shadow epidemic” of the coronavirus by Phumzile Mlambo-Ngcuka, Executive Director of UN Women.

“Across the globe, it’s been reported that the number of domestic violence cases have consistently increased during lockdown, and that tallies with what we’re seeing in this digital threat. We’re committed to doing all that we can to protect our users from this rising threat.” Jaya added.

India's National Commission for Women (NCW) has seen a more than two-fold rise in gender-based violence during the lockdown in India. Between March 23 and April 16, NCW registered 587 domestic violence complaints, a 45% increase from the previous 25 days. The Childline India helpline received more than 92,000 calls between March 20-31, the start of India's lockdown, asking for protection from abuse and violence. 

Mitigating the threat

In order to mitigate the threat of stalkerware, you should secure your phone against all unauthorised physical access. Smartphones are often left unprotected by their users. According to Pew Research, over a quarter of mobile users have no lock-screen protection on their smartphones whatsoever, and just over half use neither thumbprints nor PIN codes to keep their devices private. This makes it simple for a suspicious partner to secretly install stalkerware without being noticed. Equally, do not lend your unlocked phone to anyone unless you fully trust their intentions. It can take less than a minute to install a stalkerware app on a device. Further, install a good, mainstream antivirus product on your mobile phone. A good mobile antivirus will treat stalkerware as a PUP – a potentially unwanted programme – and give you the option to remove it. Avast says a mobile security product such as Avast Mobile Security can help keep your mobile device secure from stalkerware in addition to other malware and potentially malicious apps. ​

Become a TNM Member for just Rs 999!
You can also support us with a one-time payment.