Follow Us on Google News
Detecting and removing smartphone spyware applications can be challenging due to their stealthy design, ability to bypass security measures, misuse of legitimate functions, and deep embedding in the system. To protect against smartphone spyware, it is important to take proactive measures such as installing reputable antivirus software, avoiding downloading apps from untrusted sources, and being vigilant about any unusual activity on the device. Seek help from a cybersecurity expert if you suspect your device has been compromised.
A team of computer scientists from New York and San Diego has found that smartphone spyware applications, which enable individuals to monitor each other, are not only difficult to identify and detect but are also prone to inadvertently exposing the sensitive personal data they gather.
Although advertised as tools for supervising minors and employees using company-owned devices, spyware apps are often exploited by abusers to secretly monitor a spouse or partner. These applications demand minimal technical knowledge from the perpetrators, provide comprehensive installation guidance, and merely require temporary access to the target’s device. Once installed, they discreetly document the victim’s device usage—including text messages, emails, images, and phone calls—enabling abusers to remotely access this information via a web portal.
Spyware has become an increasingly serious problem. In one recent study from Norton Labs, the number of devices with spyware apps in the United States increased by 63% between September 2020 and May 2021. A similar report from Avast in the United Kingdom recorded a stunning 93% increase in the use of spyware apps over a similar period.
If you want to know if your device has been infected by one of these apps, you should check your privacy dashboard and the listing of all apps in settings, the research team says.
How to counter spyware:
“Our recommendation is that Android should enforce stricter requirements on what apps can hide icons,” researchers write. “Most apps that run on Android phones should be required to have an icon that would appear in the launch bar.”
Researchers also found that many spyware apps resisted attempts to uninstall them. Some also automatically restarted themselves after being stopped by the Android system or after device reboots. “We recommend adding a dashboard for monitoring apps that will automatically start themselves,” the researchers write.
To counter spyware, Android devices use various methods, including a visible indicator to the user that can’t be dismissed while an app is using the microphone or camera. But these methods can fail for various reasons. For example, legitimate uses of the device can also trigger the indicator for the microphone or camera.
“Instead, we recommend that all actions to access sensitive data be added to the privacy dashboard and that users should be periodically notified of the existence of apps with an excessive number of permissions,” the researchers write.
Disclosures, safeguards, and next steps
Researchers disclosed all their findings to all the affected app vendors. No one replied to the disclosures by the paper’s publication date.
In order to avoid abuse of the code they developed, the researchers will only make their work available upon request to users that can demonstrate they have a legitimate use for it.
Future work will continue at New York University, in the group of associate professor Damon McCoy, who is a UC San Diego Ph.D. alumnus. Many spyware apps seem to be developed in China and Brazil, so further study of the supply chain that allows them to be installed outside of these countries is needed.