A bunch of antivirus software vendors and non-profits including Avira, Kaspersky, and the Electronic Frontier Foundation (EFF) have banded together to take on secretly-installed snooping apps plaguing your devices.
Dubbed the Coalition Against Stalkerware (CAS), the collaborative effort aims to fight domestic violence, stalking, and harassment by addressing the use of stalkerware and raising public awareness about the issue.
To that effect, the CAS intends to define best practices and improve the security industry’s response to stalkerware by sharing known samples among participating cybersecurity firms.
In all, 10 organizations are part of the coalition: Avira, the EFF, G Data, Kaspersky, Malwarebytes, the National Network to End Domestic Violence, NortonLifeLock, Operation Safe Escape, Weisser Ring, and the Work with Perpetrators of Domestic Violence.
Stalkerware apps — software used to spy on users’ messages, call information, and GPS locations — have become a class of “nuisanceware” often used by people to keep tabs on their close ones, thereby facilitating surveillance, harassment, abuse, stalking, and violence against intimate partners.
This is usually done by stealthily downloading the tracking apps onto victims’ phones without their knowledge in order to siphon off location data, phone calls, text messages, photos, and other sensitive information.
“In order to counter this issue, it is important for cybersecurity vendors and advocacy organisations to work together,” said Vyacheslav Zakorzhevsky, head of anti-malware research at Kaspersky.
“The IT security industry gives its input by improving detection of stalkerware and better notifying users of this threat to their privacy. Meanwhile service and advocacy organisations directly work with victims of domestic violence, know their pain points and requests, and can guide our work,” Zakorzhevsky added.
Earlier this year, EFF cybersecurity chief Eva Galperin called on the antivirus industry to take the threat of stalkerware seriously, even going to the extent of indicting executives of stalkerware-selling companies on hacking charges.
In response, Kaspersky’s antivirus software began flagged Android stalkerware apps as a “privacy alert,” in addition to offering users options to delete or quarantine them to cut off their access to sensitive information.
What’s more, last month the company noted that there were more than 518,223 instances of stalkerware on users’ devices or detected an attempt to install it during the first eight months of 2019 – a 373 percent increase in the same period in 2018 — with Russia, India, Brazil, and the US emerging as the prominent regions for Android stalkerware globally.
The newly announced coalition is an effort to combat this growing threat in the cybersecurity landscape.
Google, for its part, recently partnered with ESET, Lookout, and Zimperium to identify shady third-party apps on Android before they end up on users’ devices. However, it’s not clear if the initiative would cover such invasive tracking apps.
“The good news for users is that functionality and effective solutions are being put in place so they can protect themselves,” Kaspersky said. “IT security companies and advocacy organizations working with domestic abuse victims should join forces to ensure that cybersecurity companies respond better to stalkerware.”