Research from ESET disclosed that Android stalkerware apps possess vulnerabilities that can let hackers threaten victims by affecting their security and privacy. Moreover, researchers claimed that this kind of software has become very prevalent in the last couple of years.
Security flaws in stalkerware apps
ESET researchers analyzed 86 Android stalkerware apps and identified around 150 security vulnerabilities in 58 of those.
- The vulnerabilities could be utilized by attackers to take over a victim’s device. Moreover, they can threaten the victim by uploading fake evidence.
- The most common issues included insecure transmission of the victim’s PII (22) and storage of sensitive data on external media (19).
- The researchers unveiled the flaws to the development team following their 90-day disclosure policy.
- Until now, only six vendors have addressed the security flaws identified by the researchers, seven vendors are looking to fix them, and a single vendor opts to not fix the issues.
Increased use of stalkerware apps
The use and popularity of stalkerware apps are increasing. In 2019, Android stalkerware detections happened five times more than in 2018, and in 2020 it was 48% more than in 2019.
- About ten days back, the Better Business Bureau sent out warnings regarding stalkerware apps that could provide access to someone’s phone to another person. They recorded a large number of cases in 2020.
- Last month, a report revealed that the use of stalkerware apps allowing abusers to spy on partners increased by 93% during the. There were around 755 cases of stalkerware apps last year.
Conclusion
This research provides a warning to the users and potential future clients of stalkerware apps. Using such apps is unethical, and furthermore, could lead to exposing the private or sensitive information of multiple people and put them at risk of cyberattacks and possible fraud in the future.
Source: https://cyware.com/news/security-flaws-in-stalkerware-apps-are-a-growing-danger-00afc1cd