Search for: All records

Consumer mobile spyware apps covertly monitor a user's activities (i.e., text messages, phone calls, e-mail, location, etc.) and transmit that information over the Internet to support remote surveillance. Unlike conceptually similar apps used for state espionage, so-called stalkerware apps are mass-marketed to consumers on a retail basis and expose a far broader range of victims to invasive monitoring. Today the market for such apps is large enough to support dozens of competitors, with individual vendors reportedly monitoring hundreds of thousands of phones. However, while the research community is well aware of the existence of such apps, our understanding of the mechanisms they use to operate remains ad hoc. In this work, we perform an in-depth technical analysis of 14 distinct leading mobile spyware apps targeting Android phones. We document the range of mechanisms used to monitor user activity of various kinds (e.g., photos, text messages, live microphone access) — primarily through the creative abuse of Android APIs. We also discover previously undocumented methods these apps use to hide from detection and to achieve persistence. Additionally, we document the measures taken by each app to protect the privacy of the sensitive data they collect, identifying a range of failings on the part of spyware vendors (including privacy-sensitive data sent in the clear or stored in the cloud with little or no protection). 

A growing body of research suggests that intimate partner abusers use digital technologies to surveil their partners, including by installing spyware apps, compromising devices and online accounts, and employing social engineering tactics. However, to date, this form of privacy violation, called intimate partner surveillance (IPS), has primarily been studied from the perspective of victim-survivors. We present a qualitative study of how potential perpetrators of IPS harness the emotive power of sharing personal narratives to validate and legitimise their abusive behaviours. We analysed 556 stories of IPS posted on publicly accessible online forums dedicated to the discussion of sexual infidelity. We found that many users share narrative posts describing IPS as they boast about their actions, advise others on how to perform IPS without detection, and seek suggestions for next steps to take. We identify a set of common thematic story structures, justifications for abuse, and outcomes within the stories that provide a window into how these individuals believe their behaviour to be justified. Using these stories, we develop a four-stage framework that captures the change in a potential perpetrator's approach to IPS. We use our findings and framework to guide a discussion of efforts to combat abuse, including how we can identify crucial moments where interventions might be safely applied to prevent or deescalate IPS.