BlackBerry Blog

Seemingly Innocent App Could Help an Abusive-Ex Stalk You

FEATURE / 08.30.18 / Kim Crawley

Domestic abuse is a matter that most people don’t like to talk about, and it’s not necessarily a subject that comes up often in relation to information security. Unfortunately, it is a very common problem, and pretty much anyone can be the victim of domestic abuse.

Women are indeed statistically more likely to be subject to domestic abuse than men. According to Battered Women’s Support Services, 83% of spousal abuse victims are female and up to 70% of women will experience relationship violence in their lifetimes, mainly from men they know well.

Men can be domestic abuse victims too. According to a study published by IPV Tech Research, partner violence affects one third of all women, but also one sixth of all men in the United States. Also note that the definition of domestic abuse includes not just physical but emotional abuse as well, which can include the psychological trauma that comes from stalking.

Abusive Partners Can Stalk You Through an App

Domestic abuse affects people of all genders, sexual orientations, marital statuses, cultures, ethnicities, and socio-economic levels. It’s disturbingly common for abusive partners and ex-partners to feel like they “own” the people they were in romantic relationships with. Combine that with the fact that these days the vast majority of both domestic abusers and domestic abuse victims use smartphones, and sure enough, this technology is going to be exploited.

Herein lies the problem. That smartphone in your pocket can be used to track you through GPS and cellphone tower triangulation. It’s pretty easy for mobile developers to build apps that use the APIs behind these tracking functions.

Coupled with that fact is the high likelihood that an abusive partner or ex may have had an opportunity to acquire physical access to their victim’s phone, which gives them an edge over remote cyber attackers. Researchers from a number of major universities recently conducted a study that was published by IPV Tech Research. They hypothesized that abusive partners and exes could stalk their victims through both iPhones and Android phones with certain apps which are currently available in Apple’s App Store and the Google Play Store.

The researchers deployed complicated but effective methodologies for finding apps that an abuser can use to stalk their victim - both innocuous apps and apps that were designed to be malicious. They found a staggering 70 apps for Android, and 97 apps for iOS that could be exploited for stalking. The methodology for finding iOS stalker apps was even more complicated, because Apple’s App Store doesn’t share which permissions apps require.

It’s intuitive to assume that an anti-spyware app can remove “stalker apps,” because stalker apps are a type of spyware. However, the researchers didn’t find commercial anti-spyware to be effective enough for that particular purpose:

“Of the 40 anti-spyware apps (they tested), 37 are completely ineffective against dual-use apps, flagging at most 3% of them. Most of the anti-spyware apps flag more than 70% of the off-store spyware apps... The ones that detect the most spyware have higher false positive rates.”

It’s still a good idea to have an antivirus app on your phone, but note that you can’t necessarily rely on the ones specifically labelled as anti-spyware to remove stalker apps. I’ll show you what you should do instead later in this post.

Dual Use Apps Linked to Abuse

Seemingly innocuous apps with many legitimate and useful purposes, which an abuser may nonetheless exploit to stalk you without your knowledge, include popular apps like Find My Android, Where’s My Droid, Call Recorder, mySMS, TrackView, Family Tracker, Couple Tracker, and Friends Tracker, among others. If you think your partner may be stalking you, uninstall those apps immediately if you find them on your device.

Apps like Where’s My Staff are designed to track employees, and apps like MMGuardian are designed to monitor children. While it’s been debated within the information security community whether or not these kinds of apps really constitute malware, know that they can be leveraged by abusers for stalking.

Possible stalker apps such as Cerberus, mSpy, and HelloSpy are almost definitely malware, and they are designed to be hidden on your phone. The researchers found that many antivirus apps also have phone locating functionality, but they weren’t too worried about them with regard to unwanted tracking:

“Interestingly, many antivirus apps provide find-my-phone, anti-theft, or family safety functionality, making these potentially dual-use. None are covert, but even so, these anti-spyware tools could hypothetically be used by abusers as dual-use apps. Nevertheless, we do not consider them as such, because their primary functionality is not for spying. More pragmatically, they are not returned in response to abuser search queries and we found no evidence online or in prior work of their abuse in IPS settings.”

With stalker apps, whether or not they were designed for that purpose, it can be easy for your abuser to follow you or observe remotely wherever you take your phone. They can use a web browser on a Windows, Mac, or Linux PC to acquire your geolocation on a map. Alternatively, their endpoint could also be a smartphone, tablet, or Internet of Things (IoT) device.

They may be able to follow you even if you have GPS turned off, because they may be able to turn your GPS back on covertly, or use cellphone tower triangulation instead. They may also be able to take screenshots, video, and audio recordings of whatever you happen to be doing with your phone at the time. They can use that to figure out what you’re doing and who you’re spending time with.

They may also be able to access your SMS messages and emails and exploit that information for the same purposes. Your abuser doesn’t have to be a geek or have any hacker knowledge because stalker apps and their backends are usually designed to be easy for non-technical people to install and use.
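For readers helping someone check an Android phone from a computer, here is an added example (not from the study or the original post) that lists apps holding location access together with other monitoring-capable permissions. It assumes text shaped like the per-package permission listing that `adb shell dumpsys package` prints; the sample input and package names are constructed, and a match shows capability, not intent.

```python
import re

# Capability groups follow the behaviours described above; names are standard Android permissions.
CAPABILITIES = {
    "location": {"ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION",
                 "ACCESS_BACKGROUND_LOCATION"},
    "sms": {"READ_SMS", "RECEIVE_SMS"},
    "microphone": {"RECORD_AUDIO"},
    "camera": {"CAMERA"},
    "call log": {"READ_CALL_LOG"},
}
PKG_RE = re.compile(r"^\s*Package \[([\w.]+)\]")
PERM_RE = re.compile(r"^\s*android\.permission\.(\w+): granted=(true|false)")

def granted_permissions(dump):
    """Map package name -> set of permissions marked granted=true."""
    perms, current = {}, None
    for line in dump.splitlines():
        pkg, perm = PKG_RE.match(line), PERM_RE.match(line)
        if pkg:
            current = pkg.group(1)
            perms[current] = set()
        elif perm and current and perm.group(2) == "true":
            perms[current].add(perm.group(1))
    return perms

def review_list(dump, min_groups=2):
    """Apps with location plus other capabilities; min_groups is an assumed threshold."""
    out = []
    for pkg, held in granted_permissions(dump).items():
        groups = sorted(g for g, names in CAPABILITIES.items() if held & names)
        if "location" in groups and len(groups) >= min_groups:
            out.append((pkg, groups))
    return sorted(out, key=lambda item: -len(item[1]))

# Constructed sample input; the package names are hypothetical.
SAMPLE_DUMP = """\
Package [com.example.familylocator] (1a2b3c):
    runtime permissions:
      android.permission.ACCESS_FINE_LOCATION: granted=true
      android.permission.READ_SMS: granted=true
      android.permission.RECORD_AUDIO: granted=true
Package [com.example.weather] (4d5e6f):
    runtime permissions:
      android.permission.ACCESS_COARSE_LOCATION: granted=true
      android.permission.CAMERA: granted=false
"""
if __name__ == "__main__":
    print(review_list(SAMPLE_DUMP))
```

Anything on the resulting list still needs a human look, since legitimate apps such as navigation or messaging tools can hold the same permissions.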

What To Look For If You Think You Might Be a Victim

The US Federal Trade Commission lists signs that your abusive partner or ex may be using a stalker app on your phone. Could your abuser have had physical access to your phone, even for a minute? Even if you use a lock screen/lock code, your abuser may have been able to acquire momentary access to your phone while the screen was unlocked – for example, if you set it down briefly mid-use to visit the restroom or answer the door, or if you plugged it in to charge and walked into the next room, leaving it switched on.

An abuser could also remotely install a stalker app on your Android phone if they know how to log into your Gmail or Google account from a PC they have access to, or if you’ve accidentally left a PC web browser that has your Google credentials stored accessible to them.

Signs of stalker app use include having a phone that’s difficult to completely turn off, a faster draining battery, or a phone that behaves erratically. In-person signs include your abuser knowing things about you that you haven’t told them or anyone else, such as places you’ve visited or people you’ve communicated with, with or without details of what you’ve discussed with those people.

In the process of installing a stalker app, your Android device may have had to be rooted, or your iPhone may have been jailbroken. If you use Android, you can install the Root Checker app for free from the Google Play Store. If you have an iPhone, check to see if an app called Cydia is installed. If it is, that’s a sure indication that your iPhone is jailbroken. The Cydia app cannot be hidden unless your abuser is really masterful at iOS hacking.

Securing Your Phone

But whether you have an Android device or an iPhone, the stalker app on your phone may be covert malware and well-hidden. If your device has the indications that I’ve mentioned, you’ll have to remove any possible stalker apps by factory resetting your device.

That means your phone’s software will be restored to the state it was in when you bought it. You will lose your applications, documents, contacts, and settings that aren’t on your SIM card. You may be able to restore them when you log back into your Google or Apple account from your applicable cloud, but be careful as that may restore the stalker app as well.

Instructions for how to factory reset an Android phone can be found here. The process may differ a bit according to your version of Android and device model. Apple Support has instructions for factory resetting iPhones here.

Get Help Leaving an Abusive Relationship

Whether you’re rich or poor, female, male, or nonbinary, young or old, if you think you may be in an abusive domestic relationship you must do everything you can to get help and leave. If you have children with your abusive partner, do your best to keep them safe within your legal rights.

Here are some resources to help:

Final Thoughts

Having to leave an abusive partner is very difficult and very scary. It may take a while to get them completely out of your life. Your emotional wounds may never completely heal, and if you have children they may need counselling as well. But the effort is well worth it.

Abusers don’t change. You may feel like there’s no hope and your world is ending, but stay strong because I can assure you that there are resources that can help you, and there’s life after abuse. I’m living proof.

About Kim Crawley

Kimberly Crawley spent years working in consumer tech support. Malware-related tickets intrigued her, and her knowledge grew from fixing malware problems on thousands of client PCs. By 2011, she was writing study material for the InfoSec Institute’s CISSP and CEH certification exam preparation programs. She’s since contributed articles on information security topics to CIO, CSO, Computerworld, SC Magazine, and 2600 Magazine. Her first solo-developed PC game, Hackers Versus Banksters, was featured at the Toronto Comic Arts Festival in May 2016. She now writes for Tripwire, Alienvault, Cylance, and CCSI’s corporate blogs.

The opinions expressed in guest author articles are solely those of the contributor, and do not necessarily reflect those of Cylance or BlackBerry Ltd.