Mobile spyware

Short bio

Mobile spyware hides in the background (no shortcut icon is created) on a mobile device and steals information such as incoming/outgoing SMS messages, incoming/outgoing call logs, contact lists, emails, browser history, and photos. They can also potentially record inputted keystrokes, record anything within the distance of the device’s microphone, secretly take pictures in the background, and track the device’s location using GPS. In some cases, spyware apps can even control devices via commands sent by SMS messages and/or remote servers. Stolen information can be sent via data transfer to a remote server or through email.

History

Mobile spyware has been around since mobile devices became mainstream. With mobile devices being small and users not being able to see activity, these behaviors can run behind the scenes.

Common infection method

Infection occurs when an app with malicious code is installed. These apps vary from legitimate apps recompiled with malcode, straight up malicious apps with a fake name, and apps with fake download links. Apps can also be installed onto devices by abusers who want to stalk unsuspecting victims.

Associated families

  • Spyware.Flexispy
  • Spyware.Gizmo
  • Spyware.GoldenEagle
  • Spyware.GoneSixty
  • Spyware.Gugespy
  • Spyware.Krysanec
  • Spyware.MobiStealth
  • Spyware.Mspy
  • Spyware.NickiSpy
  • Spyware.Spyera

Remediation

These apps can be uninstalled using the mobile device’s uninstall functionality, the tricky part is identifying the offending behavior and app. That is where anti-malware software can help by identifying and removing these apps.

Aftermath

A victim’s stolen private information could be used for identity theft, or be used to be stalk them. In severe cases, spyware apps have been used by domestic violence abusers to locate victims who are under protective services.

Avoidance

Stick to trusted sources for mobile apps and avoid any third party apps. If you suspect you are being stalked, run anti-malware software on your device to identity any spyware.

Screenshots