- Статьи
- Internet and technology
- Keeping an eye out: How Russians are being attacked by stalking programs
Keeping an eye out: How Russians are being attacked by stalking programs
In the first 10 months of 2024, the number of Russians who encountered stalking programs increased by 25% compared to the same period last year, Kaspersky Lab warned. At the same time, it is not uncommon for both former and current partners of victims to become stalkers. Read more about how stalker programs work, how dangerous it is to use them and how to protect yourself from such threats in the Izvestia article.
Who is watching the users
The leading expert of Kaspersky GReAT Tatyana Shishkova told Izvestia about the more frequent use of stalking programs.
According to her, today cybersecurity experts do not see any preconditions for the problem of digital surveillance using stalking programs to change dramatically in the near future. It manifests itself, among other things, against the background of the overall increase in the number of attacks on users of Android devices. As the expert notes, attackers and ill-wishers realize that people store a lot of personal data and correspondence on their smartphones.
At the same time, both former and current partners of victims act as stalkers. As follows from the data of the fall survey conducted by the research company "OnIn" at the request of "Kaspersky Lab" (a thousand respondents took part in it), most of all among the formats of surveillance on the Web Russians are frightening:
- Claims of access to personal data on a smartphone (52%);
- Tracking via stalking programs (48%);
- Trackers to determine the location of a partner (45%).
Moreover, both trackers and specialized software are more likely to scare women. At the same time, there are now also reverse-effect applications on the market to detect tracking. They can help against both programs and special Bluetooth devices for stalking.
- The problem of using stalker software is global, - says Tatiana Shishkova. - That's why back in 2019, 10 companies, including Kaspersky Lab and nonprofit human rights organizations, created a coalition to fight stalkerware (Coalition Against Stalkerware). It now includes 40 participating partners from around the world.
Stalking mechanisms
Stalkerware is a category of programs that are installed on a device to gain access to the contents of the screen, camera and microphone, says Konstantin Gorbunov, an expert on network threats and web developer at Security Code.
- As a rule, such programs function in the background, i.e. you can't close them in the usual way," says the expert. - At the same time, stalker programs should be divided by the degree of their legitimacy.
As the expert explains, on the one hand, the installation of such programs may pursue legitimate goals - for example, setting up remote video surveillance of private property using a smartphone or installing time tracking systems for employees on office PCs. On the other hand, such programs are of interest to cybercriminals because they can be used to gain access to the victim's confidential information , such as correspondence, search queries, authorization data and media files.
Dmitry Ovchinnikov, head of the Laboratory for Strategic Development of Cybersecurity Products at the Analytical Center for Cybersecurity "Gazinformservice", adds that illegitimate stalker software can get onto gadgets in two ways. First, it can be installed by the victim's loved ones to keep an eye on her. Sometimes this is done to control children, but usually such things are used by one of the spouses when he suspects his other half of something. It requires physical access to a smartphone and the ability to install an app on it.
- Secondly, sometimes a user falls for a phishing link or installs software with hidden functionality, usually unlicensed," says Dmitry Ovchinnikov. - Stalker programs can also be installed if the user tries to somehow improve the functionality of his phone, using third-party tools not approved by the manufacturer and not placed in the official marketplace.
The expert adds that stalker software can also be used to spy on business partners, celebrities and celebrities - then the initiator is usually a fan or a hater of the object of surveillance.
From theft to blackmail
Attackers can use stalker programs for a variety of purposes, says Nikita Leokumovich, head of digital forensics and cyberintelligence at Angara SOC, in a conversation with Izvestia. First, it is carding - stealing money from bank cards.
-Such criminals are primarily interested in payment confirmation codes that come to the victim's device when he makes purchases," says the expert. - They buy goods from someone else's card with delivery to the address of their accomplice (dropship) and enter the confirmation code that came to the phone.
The second category of attackers are sellers of initial access: they are interested in credentials from various services stored on the victim's device, as well as card data (photos, text) and information from electronic wallets. These cybercriminals collect information for resale or to fill their own databases.
Next come blackmailers who collect personal photos and videos that are not intended for public distribution, or use a camera to collect data capturing elements of the victim's personal life, and then demand money for non-distribution of this data.
- Sometimes extortionists track the movements and daily routine of both the victim and the people who surround her," says Nikita Leokumovich. - After that, a detailed plan of extortion is prepared and executed. We see many such stories in the news every day.
According to Konstantin Gorbunov, unlike programs for remote access to device control, an attacker using stalker software does not have access to the file system and therefore cannot quickly download sensitive data. However, with the development of CV models (a field of artificial intelligence specializing in content recognition from media files), it has become possible to automate the process of text recognition, for example, from the screenshots created, making it easier for cybercriminals to search for sensitive information about the victim.
How to protect yourself from phishing
In order to protect yourself from digital collision, Irina Zinovkina, head of analytical research at Positive Technologies, advises you to download software only from legitimate sources (e.g., official app stores).
- Besides, you should carefully watch what access rights the application requests: for example, if it is a game, it definitely does not need extended access to contacts and other information," says the Izvestia interlocutor. - It is also worth installing antivirus protection on all your gadgets, which will help prevent such programs from getting on the device.
In turn, the author of the Solar appScreener product, Daniil Chernov, reminds us that it is important to be skeptical and not to trust suspicious requests. If someone sends a link to an app offering to earn money on bets or something similar, there is a good chance that it is malware with spyware features.
The second point is that stalker software consumes a lot of energy and traffic because it sends movement records to the attacker's server. If a user notices significant battery consumption, it may be one of the signs that such programs are present on the device.
- In addition, it is important to respect the physical security of the device, as the most common way of installing such software is manual installation," says the expert. - Therefore, it is necessary to use strong passwords. But it is not recommended to use Face ID on Android devices, as it can be tricked by presenting a photo of the victim.
If stalker software is still detected, it is recommended to install an antivirus from a trusted manufacturer and scan the gadget with it. If the antivirus did not detect anything suspicious, you should update the operating system to the latest version. If these measures do not help, you can perform a factory reset, concludes Daniil Chernov.
