SecureMac, Inc.

Do Macs get stalkerware?

November 8, 2022

Do Macs get stalkerware? It’s complicated! Learn more about Mac stalkerware threats in this article.

Do Macs get stalkerware?

We’ve covered iPhones and stalkerware before — but people sometimes ask us if Macs can get stalkerware too. It’s a great question, but one that doesn’t have a straightforward answer. Read on to learn more.

What is stalkerware?

Stalkerware is a catch-all term used to describe a wide range of privacy threats. The best definition we’ve seen comes from the Coalition Against Stalkerware:

Stalkerware refers to tools — software programs, apps and devices — that enable someone to secretly spy on another person’s private life via their mobile device. The abuser can remotely monitor the whole device including web searches, geolocation, text messages, photos, voice calls and much more. 

Stalkerware, then, is seen as a phenomenon primarily affecting mobile devices. It’s also far more personal than other privacy threats. Something like an employer monitoring you while you work wouldn’t be considered stalkerware: that’s “bossware”. Similarly, mobile device malware like Pegasus isn’t classified as stalkerware; security researchers tend to refer to it as state-sponsored spyware or surveillanceware. Stalkerware, on the other hand, is characterized by its use in abusive relationships and intimate partner violence. 

So…can my Mac get stalkerware?

Because stalkerware is defined as mobile device malware, the term can’t — strictly speaking — be applied to macOS malware. 

That said, there are many Mac malware variants that facilitate partner surveillance and stalking behavior. And while the term stalkerware is relatively new, we’ve been talking about the dangers of these related Mac privacy threats for years! For this reason, we’d be in favor of using “stalkerware” to describe certain forms of macOS malware.

Types of Mac stalkerware

Without worrying about the technical accuracy of applying the term to Mac privacy threats, then, here are some examples of macOS stalkerware.

Keystroke loggers, also called keyloggers, are a longtime Mac privacy threat. These sneaky spying tools are designed to remain hidden in the background while recording every keystroke on an infected system. Some have the ability to take screenshots or even use the system camera and microphone. In the context of intimate partner surveillance, they make an effective spying tool for someone who wants to monitor another person’s communications or web activities. 

Parental monitoring tools, sometimes also sold as employee monitoring tools, are apps that perform many of the functions of a keylogger. They are marketed as a way for concerned parents or business owners to monitor their children or employees. But of course, the developers of this off-the-shelf spyware don’t really care who buys their apps or what they use them for. And this kind of software can easily be used by abusers who want to spy on their partners.

macOS backdoors are probably not a widespread stalkerware threat due to the technical ability required to use them. However, they’re still something to be aware of on macOS due to their power and potential to do harm. In the past, Mac backdoors like Fruitfly have been used to infect large numbers of computers — so the threat is more than just theoretical. Backdoors may allow a bad actor to monitor a person’s web activity and private communications, spy on them using their webcam, or remotely access their files.

The danger of physical access

In conversations about Mac security, it’s common to hear people say that Mac malware isn’t all that serious because of the system-level protections provided by macOS. 

We’ll leave that argument for another day, but it’s worth noting that folks who make such claims usually assume that an attacker is going to be a remote attacker and a stranger: In other words, that they won’t have physical access to their target’s device or knowledge of that person’s admin password. Unfortunately, in many intimate partner or domestic violence situations, abusers have precisely this kind of access! That makes infection by one of the types of malware mentioned above far more likely.

How to prevent stalkerware threats on your Mac

There are a few basic best practices to take in order to prevent stalkerware type threats on your Mac:

  1. Don’t share passwords

    Your login and admin passwords should be known to you and you alone. If you need to let someone else use your Mac from time to time, create a Guest user account on your Mac for better security and privacy.

  2. Don’t allow physical access to your Mac

    You can set up your system to require a password to wake up your Mac or access it after the screensaver has started. It’s also possible to use Hot Corners to lock your Mac with a gesture when you get up from your computer.

  3. Scan for malware

    If you think that someone may have installed a keylogger or other Mac privacy threat on your computer, use a malware detection and removal tool to scan your system for malware.

  4. Get help

    The above advice works well for general prevention, but in the context of an abusive relationship, it may not be possible (or safe) to follow all of it. If you think that someone is using stalkerware to spy on you, and you don’t feel safe implementing the above measures, reach out and get help. The Coalition Against Stalkerware has a region-specific list of organizations that specialize in helping people who are experiencing tech-enabled abuse.

Get the latest security news and deals