Spyware installed on Android devices to stalk domestic abuse victims

Posted: September 29, 2014 by Nathan Collier
Last updated: March 31, 2016

As a threat researcher, I like to think I’m helping make the world a better place. We protect against malware that can compromise your device, steal personal information, costs you money, and commit many other malicious acts.

It didn’t occur to me until today that I was also protecting against stalking and domestic abuse while listening to story on National Public Radio (NPR) entitled Smartphones Are Used To Stalk, Control Domestic Abuse Victims.

With the use of spyware installed on victim’s mobile devices, abusers were able to eavesdrop on their victims remotely, and even more scary, track them using GPS.

In fact, a staggering 85% of victims were tracked by GPS according to NPR who surveyed 72 domestic violence shelters.

NPR named several companies that sell these spyware applications: mSpy, PhoneSheriff, MobiStealth, and StealthGenie.

All of these companies have apps can be ran on an Android device in the background. Here’s a list of some of features these apps can do:

Access calendar and address book
Control apps on device
Monitor call logs
Monitor conversations through popular communication apps like Skype
Monitor Instant Messages
Monitor keystrokes
Monitor SMS conversions
Monitor web history
Read emails
Record anything within the distance of your device’s microphone
Record calls
Remote control device
Track device using GPS

In my opinion, no matter how these companies advertise their apps, there is no reason anyone should ever put one of these apps on an unsuspecting victim’s device.

I’m a proud to say that we detect all of these unethical spyware apps. Anyone that suspects they are victims of such cyber stalking can scan their device using Malwarebytes Anti-Malware Mobile.

Nathan Collier

COMMENTS

piscesmike

I’d like to point out that there are legitimate uses for these technologies. Although I in no way support stalking or putting such things on an “unsuspecting victim’s device”, I would certainly consider putting one on my daughters cell phone, or on a spouse’s phone if I though there might be a problem. ACK!, I can hear you screaming. Legally, if I pay for the phone and service, I can put anything I want to on it.
Wack0

Ironically, I’ve been poking at and reversing phonesheriff/mobilespy recently. (The same company makes a win32 and OSX RAT called SniperSpy, the main win32 component of this wasn’t highly detected when I scanned it on virustotal.. but a couple of days after I got the sample, MBAM detected the visible setup as a PUP.)

For a company that develops malware, they sure have crappy websec in their panels and APIs.

I also lol that the iOS version of mobilespy, which of course needs a jailbreak, still asks for some random permission after installation. It seriously can’t bypass the asking for permissions dialog, when it runs as root? (I also wonder how many iOS devices are jailbroken and sitting there with SSH running and the default root password because of this malware)
Thom J Greco

People need to start getting educated on how to do internet security for your cell phone.
greg

I think people should download an antivirus on their android devices to stop malware from infecting there phone or tablet hackers are getting a lot smarter to stealing info and phone numbers is getting a lot easier these days and it can be because we just downloaded and app from the Google play store and boom your infected.
!!!watch out for what you download!!!!
plumplum

Not sure that is strictly true. If somebody of age is using it, even if you have paid for it you are assumed to be giving it fit for purpose, What you are actually doing is invading their privacy, however you justify it to yourself.
Your underage children may be a different matter but even then I think you would have to show a strong case.. I am not a lawyer. This may be completely wrong but is is how I think most people would see it.
Pingback: A Week in Security (Sept 28 – Oct 04) | Malwarebytes Unpacked()
gypsyluv

I have an iPhone. Does this article apply to iPhones?
CK

Hi Nathan Collier, I wrote a text here a few days back but it is not visible anymore…. Anyway, it is about the fact that I am certain that someone is spying on me. At first I got suspicious because this stalker knows exactly when I put on my android. This morning he referred to a conversation which I had with my daughter. He couldn’t possibly know about that (unless he had overheard through my Android microphone or any other device in that room). Though Anti malwarebytes program does not find anything it is clear as water that I am being spied upon. What do you suggest I should do?

RELATED ARTICLES

Cybercrime | Malware

Intentional PE Corruption

April 30, 2012 - Malwarebytes Anti-Malware is under constant attack. 24 hours per day, 7 days per week, 365 days per year. If you read my recent blog post about the development of Malwarebytes Chameleon, you know that we at Malwarebytes have big red ‘X’s on our chests; the bad guys are always out to get us. Malwarebytes Anti-Malware...

CONTINUE READING 14 Comments

Cybercrime | Malware

The Cat-and-Mouse Game: The Story of Malwarebytes Chameleon

April 24, 2012 - The fight against malware is a cat-and-mouse game. It is constant and constantly escalating. They make a move, you counter it, they counter your counter, lather, rinse, repeat. What’s more: malware almost always has the advantage. Our software Malwarebytes Anti-Malware earned a reputation for having a high success rate in combating new in-the-wild malware infections:...

CONTINUE READING 7 Comments

Cybercrime | Hacking

Cybercrime at $12.5 Billion: The Great Underreported Threat

May 7, 2012 - From the outside looking in, it may appear that the press regularly reports stories when a company’s website, database or intellectual property has been hacked, stolen or compromised. The more eye-opening fact of the matter is that the scale and scope of the cybercrime problem is much, much larger and the actual incidences of these...

CONTINUE READING 2 Comments

Cybercrime | Hacking

DDOS, Botnets and Worms…Oh My!

May 14, 2012 - The recent attack on the Serious Organized Crime Agency (SOCA), most likely in response to the 36 data selling sites shut down a few weeks ago, lead to the admission by high ranking SOCA officials that the Ministry of Defense networks need to “beef up their security.” In response to this we would like to...

CONTINUE READING 1 Comment

Cybercrime | Exploits

“The Sky is Falling… Are You at Risk from the Flame Malware?”

June 1, 2012 - The last time I checked with Google News this morning there were over 19,100,000 results for “flame malware”. You may have heard many stories this week about this complex trojan. Here are links to three of my current personal favorite articles on “Flame”. Powerful ‘Flame’ cyberweapon tied to popular Angry Birds game – (Fox News)...

CONTINUE READING 3 Comments

ABOUT THE AUTHOR

Nathan Collier
Senior Malware Intelligence Analyst

Full time mobile malware researcher, part time endurance mountain bike athlete and world traveler. As nerdy about biking as he is about mobile malware.

CATEGORIES

101 Cybercrime Malwarebytes news PUP Security world

SEARCH LABS

TOP POSTS