A startling revelation was made at the recent Black Hat cybersecurity conference in Las Vegas, Nevada.
The ongoing pandemic has given rise to a new threat named Stalkerware. It is defined as apps (both malicious and mundane) that are being used increasingly to coerce and control individuals.
Stalkerware is used mostly by one intimate partner against another which makes it markedly different than conventional hacker-dominated malware strains. The trend has become so pronounced over the last year and a half that it earned a prominent mention at the Black Hat convention.
The recently formed Coalition Against Stalkerware defines this subset of software as any app or program that allows one individual to remotely monitor the whereabouts of another without that person’s explicit, persistent consent. This definition includes a number of completely legitimate monitoring applications available for both PCs and mobile devices used in a manner that the publishers did not originally intend.
Consider an application that allows an employer to monitor an employee during the workday. Or consider an app that allows a parent to monitor the location of their child. These could easily be misused by an abusive spouse or romantic partner and the stealthy nature of such applications makes it difficult for the person being stalked to realize they are being monitored.
Many of the applications in question are completely legitimate and this isn’t an issue that can be solved or resolved by security patches or bug fixes. The functionality that allows one individual to stealthily track another is baked into the design and is part of those apps’ core functionality. That makes most certain applications and monitoring devices (home security cameras being another example) ripe for abuse.
No one is denying the need and usefulness of tracking applications. There’s a definite place for them in the market. Unfortunately relatively little thought has been given to what happens when such technology is misused and that needs to change.