
Cyberspace is flooded with commercial spyware tools for the Android OS, available for just a few dollars each. Their creators promote them as legitimate and helpful software for keeping a watchful eye on relatives and loved ones, yet during the first 9 months of 2017 over 120,000 users of Kaspersky Lab products were attacked by them, nearly twice as many as in the same period of 2016 (over 70,000). Due to the increasing usage of such apps, Kaspersky Lab researchers examined the most popular tools, uncovering a number of security issues that could jeopardize not only the devices themselves, but also private customer data.

Spyware is a type of software that aims to gather information about a person or organization without their knowledge, and to send this data to another entity without the consumer's consent. It can also assert control over a device without the user's knowledge.

These applications are commonly used to steal and collect text messages, call logs and recordings, GPS tracking data, browser data, stored multimedia, and address books. What is most alarming is that spyware can even access a victim’s social media accounts and messenger applications. Once access is gained, an attacker can observe messenger conversations, feeds and other personal data from the victim’s social media profile.

With such a vast amount of data at risk of falling into the wrong hands, spyware developed without security in mind could result in severe compromise, with the data reaching far beyond those it was originally intended for. This makes it a prime tool for commercial or even criminal purposes and for those looking to exploit users. To find out how real the threat is, Kaspersky Lab researchers analyzed major commercial spyware applications. The research discovered that each of the examined apps contained several security issues:

  • Non-market applications. Most commercial spyware applications are distributed from their own sites and landing pages, to avoid official online market security checks. As a result, when installing these applications you need to “allow install of non-market applications”, meaning that the user’s device will be unprotected against further malware infection attempts.
  • Rooted devices. Some spy features work only on a rooted device, and many vendors recommend that the user obtain “superuser” access rights. However, root rights provide Trojans with almost endless capabilities and leave the device defenseless against attacks by cybercriminals.
  • Private data at risk. Crucially, Kaspersky Lab researchers found that spyware applications pose many threats to the safety of personal data, due to product security flaws and careless behavior of developers. Many of them upload a victim’s personal data to command and control centers. Once it is uploaded, developers tend not to pay attention to its security, and the personal data is accessible to everyone.

According to Kaspersky Lab researchers, the security issues associated with commercial spyware, combined with its large arsenal of features, result in a real threat to users’ devices and their personal data, and in further damage at the hands of skillful cybercriminals.

“Commercial spyware is a good example of software that is considered legitimate and even helpful, but in fact poses a great number of threats to its users. Installation of such apps is a potentially risky move, which may even lead to further malware infection with severe consequences. That’s why we created a special technology for Android OS, that helps to find and detect dangerous applications which could lead to clients’ data privacy violation,” notes Alexey Firsh, security expert at Kaspersky Lab.

Kaspersky Lab researchers advise users to take the following measures, in order to protect their devices and private data from possible cyberattacks:

  • Don’t root your Android device, as this will open almost unlimited capabilities to malicious apps.
  • Disable the ability to install applications from sources other than official app stores.
  • Keep the OS version of your device up to date, to reduce vulnerabilities in the software and lower the risk of attack.
  • Install a proven security solution to protect your device from cyberattacks.
  • Always protect your phone with a password, PIN or fingerprint, so an attacker won’t be able to manually access your device.

To help people secure their private data on mobile devices, Kaspersky Lab has developed Kaspersky Internet Security for Android. It protects smartphones and tablets from dangerous apps and websites, ensuring user privacy thanks to protection against malware (including spyware), call and text filtering and an anti-theft feature.

Read more about commercial spyware for Android on Securelist.com.

Use of commercial Android spyware almost doubled in 2017
