{"id":15140,"date":"2019-11-20T00:45:04","date_gmt":"2019-11-19T20:45:04","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/coalition-against-stalkerware\/15140\/"},"modified":"2019-11-26T15:12:26","modified_gmt":"2019-11-26T11:12:26","slug":"coalition-against-stalkerware","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/coalition-against-stalkerware\/15140\/","title":{"rendered":"The stalkerware problem, and its solution"},"content":{"rendered":"<p>Stalkerware (aka spouseware, aka legal spyware) is openly distributed commercial software that allows the person who installs it to spy on the people on whose devices it ends up installed. And it\u2019s a <a href=\"https:\/\/me-en.kaspersky.com\/blog\/files\/2019\/11\/Kaspersky_Coalition_The-state-of-stalkerware-in-2019_ENG_fin.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">big problem<\/a> \u2013 not only for the intended victims, but for security companies as well.<\/p>\n<p>On a human level, <a href=\"https:\/\/www.kaspersky.com\/blog\/stalkerware-spouseware\/26292\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">stalkerware is very problematic<\/a>. First and foremost, it\u2019s a kind of technological abuse, which is unethical to say the least. In addition to that, the security risks stalkerware brings should concern everyone: victims and abusers alike. The malware can leak victims\u2019 data and breach device protection, leaving the door open for malicious software of different kinds, and more.<\/p>\n<h2>Why stalkerware is a problem for antivirus vendors<\/h2>\n<p>The solution seems simple. Stalkerware is bad, so cybersecurity companies should just regard it as malicious and remove it wherever it\u2019s found. Unfortunately, it\u2019s not that simple. Stalkerware is legal \u2014 at least in some countries, and in a lot of others it falls into a kind of gray zone, so you\u2019d need to dig deep into legislation to quantify it. And it\u2019s illegal for a security solution to mark legally distributed software as malicious.<\/p>\n<p>There\u2019s more to it: If a person deletes stalkerware from their device, the operator (or abuser) will know immediately, and the results of that might range from a minor escalation of a conflict to physical violence. That may sound extreme, but such cases have been witnessed by nonprofit organizations working with victims of domestic abuse.<\/p>\n<p>Another aspect is that various security vendors deem stalkerware to be different things, so some detect and remove software that others regard as harmless.<\/p>\n<p>At this point, one cannot just mark all stalkerware as malicious and start automatically deleting it. Yet, it\u2019s absolutely necessary to highlight the presence of stalkerware to the victim. Most antivirus vendors still mark it as <a href=\"https:\/\/www.kaspersky.com\/blog\/not-a-virus\/18015\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">not-a-virus<\/a> or something similar, which may be misleading for the user. Users may perceive software tagged <em>not-a-virus<\/em> as something that is OK, which stalkerware certainly is not.<\/p>\n<p>We came up with a solution about half a year ago: a privacy alert that explicitly informs the user that we detected software that eavesdrops and monitors their actions on their device. In addition to that, we have significantly improved our detection of stalkerware. But that\u2019s not enough. We need to educate people on what stalkerware is, what to do if they find stalkerware on their devices, and where to go and whom to talk to.<\/p>\n<h2>The Coalition Against Stalkerware<\/h2>\n<p>We believe it\u2019s necessary for the IT security industry to unite to protect users against stalkerware and to bring in the experience and expertise of the nonprofit organizations that directly help victims of domestic abuse every day. So, together with Avira, the Electronic Frontier Foundation, the European Network for the Work with Perpetrators of Domestic Violence, G DATA Cyber Defense, Malwarebytes, the National Network to End Domestic Violence, NortonLifeLock, Operation Safe Escape, and Weisser Ring, Kaspersky has founded the Coalition Against Stalkerware.<\/p>\n<p>The key objectives of the Coalition include improving detection and mitigation of stalkerware, educating victims and advocacy organizations about technical aspects, and of course raising awareness about the issue.<\/p>\n<p>This joint project launched with the creation of a consensus-based definition and standard criteria for stalkerware detection. The Coalition has also launched a website, <a href=\"http:\/\/www.stopstalkerware.org\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">www.stopstalkerware.org<\/a>, that provides helpful tips on how to find out if there\u2019s stalkerware on your device and what to do about it, and provides contacts in organizations that deal with domestic violence and can help prevent or mitigate the damage.<\/p>\n<p>We believe the Coalition will attract more partners \u2013 IT security companies, advocacy organizations, and even law enforcement agencies \u2014 that will help to unify the perception and detection of stalkerware across the industry, raise awareness among people, including those who have never encountered stalkerware, and improve efforts to help victims of stalkerware.<\/p>\n<p>We hope we will also be able to change the formal legal status of stalkerware, finally making it illegal to spy on other people without their consent.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Why stalkerware is a problem not only for targets, but also for security vendors \u2013 and what we\u2019re doing to fix it.<\/p>\n","protected":false},"author":675,"featured_media":15141,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,1486],"tags":[682,2077,2201,521],"class_list":{"0":"post-15140","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-spyware","10":"tag-stalkerware","11":"tag-stopstalkerware","12":"tag-threats"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/coalition-against-stalkerware\/15140\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/coalition-against-stalkerware\/16962\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/coalition-against-stalkerware\/6618\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/coalition-against-stalkerware\/19933\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/coalition-against-stalkerware\/16967\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/coalition-against-stalkerware\/15719\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/coalition-against-stalkerware\/19672\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/coalition-against-stalkerware\/18288\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/coalition-against-stalkerware\/24105\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/coalition-against-stalkerware\/7410\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/coalition-against-stalkerware\/31307\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/coalition-against-stalkerware\/12573\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/coalition-against-stalkerware\/12574\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/coalition-against-stalkerware\/11420\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/coalition-against-stalkerware\/20536\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/coalition-against-stalkerware\/10500\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/coalition-against-stalkerware\/24467\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/coalition-against-stalkerware\/24389\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/coalition-against-stalkerware\/19676\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/coalition-against-stalkerware\/25553\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/coalition-against-stalkerware\/25395\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/stalkerware\/","name":"stalkerware"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15140","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/675"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=15140"}],"version-history":[{"count":3,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15140\/revisions"}],"predecessor-version":[{"id":15169,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15140\/revisions\/15169"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/15141"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=15140"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=15140"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=15140"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}