What is Stalkerware?

You may have heard about “stalkerware”, an insidious threat to digital privacy that all too often comes from the people closest to us. In this article, we’ll tell you everything you need to know in order to understand what stalkerware is and how to avoid it.

The difference between stalkerware and spyware

The types of applications grouped under the umbrella term “stalkerware” have been around for a long time: keystroke loggers, location monitoring software, SMS and email readers, and remote access tools that can take screenshots or record video. 

Stalkerware thus sounds a lot like spyware to many people — but there is a crucial difference. Spyware carries the connotation of unambiguous criminal activity: hackers sneaking a malicious app onto a target device and using it to exfiltrate data. Stalkerware, on the other hand, blurs the line between malware and legitimate applications. Far from hiding in the shadows, it is marketed and sold openly to consumers.

Commercial-grade spyware

Companies that create stalkerware often use euphemistic language to market their products without explicitly calling them spying tools. Location and SMS tracking apps are presented as parental monitoring assistants. Software that can record messages or keystrokes may be packaged as backup solutions.

But reading between the lines, it’s clear that the developers of stalkerware know exactly who they’re selling to: people who don’t trust their child or intimate partner — and who have every intention of using the software to spy on them.

Stalkerware is often sold directly through the developer’s website, but also appears on official mobile app distribution platforms. While both Google and Apple have attempted to ban it, Android and iOS stalkerware continues to slip through the review process and make its way into the Play Store and the App Store.

Why is it called stalkerware?

These privacy-invading apps have been around for a while, but the term “stalkerware” is a more recent development. The name, however, is far more than just re-branding: It’s an acknowledgement of the way in which this type of software is often used — and of the real physical harm that it can lead to.

Although stalkerware is frequently marketed as a tool for worried parents, it is often used by jealous or abusive partners in intimate relationships. This kind of digital stalking of a partner is a serious violation of privacy and trust, but it can also be a prelude to far worse things: emotional abuse, psychological manipulation, or physical violence. In addition, it can be a form of violence in and of itself: a way of intimidating or controlling a partner in an already abusive relationship.

The case of stalkerware being used by parents to monitor their children is more of an ethical gray area, but for several reasons (cybersecurity among them), it is strongly recommended that parents not install stalkerware on their kids’ devices. A far better option is to use a device’s native parental control tools, such as Screen Time on iOS, and to talk openly and honestly with children to help them stay safe from online and offline dangers.

How to avoid, detect, and remove stalkerware

Stalkerware is a major invasion of privacy as well as a data security threat, and shouldn’t be on anyone’s phone, tablet, or computer. Here are some tips to avoid, detect, and remove stalkerware.

1. 1

   Protect your devices and accounts

   The best way to make sure that someone doesn’t install stalkerware on your device or compromise your accounts is to make sure that your digital life is locked down. Protect all devices with strong passcodes or biometrics, and all accounts with strong, unique passwords. Don’t share these with anyone, for any reason. If you think someone may have gotten hold of your passwords, change them (using a password manager will make this much easier). Lastly, turn on two-factor authentication whenever possible — that way, even if someone has your username and password, they still won’t be able to access your account.

2. 2

   Know how to spot phishing attacks

   Stalkerware is typically installed on a victim’s device by someone with physical access, but a determined individual with the right know-how could potentially use phishing tactics as a stalkerware delivery vector. Make yourself aware of the different forms of phishing that are out there, and follow best practices for avoiding them: Don’t click on links or download attachments from unknown senders, whether they come via email, social media, messenger apps, or SMS.

3. 3

   Detect and remove threats

   Note: Before attempting to remove stalkerware from your device, be aware that doing so will alert whoever installed it that they have been discovered. If you think this could be dangerous, see the next item on this list.

   If you’re using a Windows or macOS machine, use a reliable anti-malware tool to detect and remove stalkerware. Mac users can also check in ystem Preferences > Users & Groups > Login Items to find evidence of stalkerware activity, though depending on the sophistication of the program, this won’t always be revealing. Third-party detection tools are available for Android devices as well. Since Apple doesn’t allow antivirus apps of any kind in the App Store, iOS users will have to take a more hands-on approach. Look through your apps for anything you don’t recognize, and investigate — if it looks fishy, delete it. To make sure your device isn’t being managed by someone else, go to Settings > General. If you see an option for Profiles & Device Management, check it out: This can indicate that someone is managing your device remotely. If you do discover a profile managing your device and you don’t know where it came from or what it is, you can use the Remove Management setting to get rid of it.

4. 4

   Get help

   Of course, all of the above advice presupposes that users have the freedom to take these steps. Unfortunately, for people in abusive relationships, this is often not the case: Their partners will simply coerce them into disclosing passwords or allowing access to their devices. Refusal can lead to further intimidation or physical harm. If this describes you, please know that you are not alone, and that there are places you can turn to for help.

   Many within the security community recognize that stalkerware is a unique privacy threat that cannot be addressed through technological means only, and offer resources to help people in difficult or dangerous situations. The Coalition Against Stalkerware, an industry group working to end stalkerware, offers a safety toolkit and resource list of contacts that victims of stalkerware can turn to for help, as well as information on the legal status of stalkerware in different jurisdictions. Local domestic violence hotlines can also be good places to turn to for assistance.

We hope this article has helped you to understand more about stalkerware, and what you can do to avoid it. If you have questions, or would like to request additional resources, feel free to contact us at security@securemac.com.