IT Security Companies Join Forces against growing ‘Stalkerware’ menace

Ten organizations – Avira, Electronic Frontier Foundation, European Network for the Work with Perpetrators of Domestic Violence, G DATA Cyber Defense, Kaspersky, Malwarebytes, National Network to End Domestic Violence, NortonLifeLock, Operation Safe Escape and WEISSER RING – have launched a global initiative called the Coalition Against Stalkerware.

What is stalkerware?

Stalkerware programs carry the possibility for intrusion into a person’s private life and are being used as a tool for abuse in cases of domestic violence and stalking. By installing these apps, abusers can get access to their victim’s messages, photos, social media, geolocation, audio or camera recordings (in some cases, this can be done in real-time). Such programs run hidden in the background, without a victim’s knowledge or consent.

For some years, the problem of ‘stalkerware’ has been on the rise. Non-profit organizations are experiencing a growing number of victims seeking help with the problem. According to Kaspersky, the number of users facing stalkerware rose by 35%, from 27,798 in 2018 to 37,532 in 2019. The threat landscape for stalkerware has also widened, as Kaspersky has detected 380 variants of stalkerware in the wild in 2019 – 31% more than a year ago

Until now, there was neither an agreed-upon standard definition for stalkerware nor detection criteria which made it particularly difficult for the IT security industry to communicate around the issue. With this in mind, the founding members of the Coalition Against Stalkerware have taken the important step of creating a proper definition and reaching a consensus on detection criteria.

StopStalkerware.org

The Coalition has also launched an online portal, www.stopstalkerware.org, with the goal of helping victims, facilitating knowledge transfer among members, developing best practices for ethical software development and educating the public about the dangers of stalkerware.

A key objective of the website is to provide a helpful online resource for victims of stalkerware. Users will find information on what stalkerware is, what it can do, and, most importantly, how to protect themselves. The website lists common indicators to check if a user thinks they may have become a victim of stalkerware, and what steps they should and should not take. For example, it is important to consider whether removing stalkerware could potentially cause more harm, as the abuser will be informed immediately by the app, or it could erase evidence critical to a law enforcement investigation.

For potentially affected users, the Coalition Against Stalkerware recommends immediately contacting a local victim service organization or a law enforcement agency to help provide victim safety measures.

“For years, Malwarebytes has detected and warned users about the potentially dangerous capabilities of stalkerware, an invasive threat that can rob individuals of their expectation of, and right to privacy. Just like the abuse it can enable, stalkerware also proliferates away from public view, leaving its victims and survivors in isolation, unheard and unhelped. Forming and fighting together with the Coalition against Stalkerware is the next, necessary step in stopping this digital threat—a collaborative approach steered by the promise of enabling the safe use of technology for everyone, everywhere.” – David Ruiz, Online Privacy Writer, Malwarebytes Labs

The Coalition has been envisioned as a non-commercial initiative to bring stakeholders from non-profit organizations, industry and other areas such as law enforcement under the same umbrella. Due to the high societal relevance for users all over the globe, with new variants of stalkerware being developed on a regular basis, the Coalition Against Stalkerware is open to new partners and calls for cooperation

To find out more about the Coalition Against Stalkerware please visit the official website www.stopstalkerware.org

To find out more about the State of Stalkerware in 2019 please check the Report made available by Kaspersky and supported by the Coalition Against Stalkerware.