Mobile threat researchers at Avast have detected seven apps on the Google Play Store that were all likely designed by a Russian developer to allow people to stalk employees, romantic partners, or kids. Avast detected and reported four of the apps to Google yesterday, who removed them from the Play Store. Today, the researchers detected the fifth, sixth, and seventh apps, called “Spy Tracker” and “Employee Work Spy” and “SMS Tracker”, and also reported these to Google. All together, these apps have been installed more than 130,000 times, with the most installed apps being Spy Tracker, and SMS Tracker, both with more than 50,000 installs.
The apps all require the snoop to have access to the phone they want to spy on. The snoop needs to download it from the Google Play Store, and install it on the target device. The app then prompts the person who installed the app to enter their email address, and following this a password for the spying app will be sent there.
The apps are able to track the surveilled person’s location, collect their contacts, SMS and call history. If the phone is rooted it also allows the spy to collect the victim’s WhatsApp and Viber messages.
The apps were published under the following names:
- Track Employees Check Work Phone Online Spy Free
- Spy Kids Tracker
- PhoneCell Tracker
- Mobile Tracking
- Spy Tracker
- SMS Tracker
- EmployeeWork Spy
Experts Comments:
Nikolaos Chrysaidos, Head of Mobile Threat Intelligence and Security at Avast:
“These apps are highly unethical and problematic for people’s privacy and shouldn’t be on the Google Play Store, as they promote criminal behavior, and can be abused by employers, stalkers or abusive partners to spy on their victims. Some of these apps are offered as parental control apps, but their descriptions draw a different picture, telling users the app allows them to ‘keep an eye on cheaters’. We classify such apps as stalkerware, and using apklab.io we can identify such apps quickly, and collaborate with Google to get them removed.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.