Stalkerware reads messages and unlocks devices

Kaspersky researchers have identified a new sample of stalkerware software - commercial software that commonly used for covert surveillance of associates or user comrades - whose functionality overshadows all previously discovered corresponding software.

Called MonitorMinor, it allows stalkers to gain access to any data without being detected and monitor activity on devices they control, as well as the most popular anti-virus services.messaging and social networks.

stalkerware

Stalkerware by definition endangers the personal information and personal life of many people. If their data is monitored and controlled, the consequences are often not exclusively related to cyberspace for the victims involved. However, the creators of MonitorMinor did not bother to keep it a secret, showing that they are well aware of

While primitive stalkerware uses geofencing technology, allowing the operator to locate the victim and in most cases stealing SMS and call data, MonitorMinor goes a few steps further. Recognizing the importance of messengers as a means of data collection, this software aims to access data from all the most popular modern communication tools.

While, in a "clean" Android operating system, direct communication between applications is prevented by the sandbox, the situation can change if a superuser-type application (assistant SU), which provides root in the system. Once this SU utility is installed, there are no more device security mechanisms.

Using this utility, the creators of MonitorMinor gain full access to data from a variety of popular social networking and messaging applications such as Hangouts, the Instagram, the Skype or Whatsapp, the Snapchat and other.

Additionally, using root privileges, stalkerware can gain access to xe patterns screen, allowing the stalkerware operator to unlock the device when they are nearby or when they subsequently gain physical access to the device. This is a unique feature that Kaspersky has not previously detected in threats for mobile platforms.

Even without root access, stalkerware can effectively run the Accessibility Service API, which is designed to make devices user-friendly with disabilities. Using this API, stalkerware is able to track any events in the applications and transmit live audio.

Other features in this stalkerware enable its operators:

  • Control devices using SMS commands.
  • Watch real-time video from device cameras.
  • Record audio from the device microphones.
  • View your browsing history in Google Chrome.
  • View usage statistics for specific applications.
  • View the contents of a device's internal storage.
  • See the contact list.
  • View system logs.

“MonitorMinor is superior to other stalkerware programs in many opinions and implements all kinds of monitoring functions, some of which are unique and almost impossible to detect on the victim's device. This particular app is incredibly intrusive – it completely strips victims of any sense of privacy when using their devices and allows the attacker to retrospectively monitor their victims' activity,” comments Victor Chebyshev, head of of Kaspersky development.

He continued: "The existence of such applications underscores the importance of protection against stalkerware and the need for a joint effort in the fight to protect privacy. That is why it is important to inform users about the existence of this application, which, in the hands of criminals, could become the ultimate control tool. "We have also shared precautionary information about this software with our partners in the Coalition Against Stalkerware to protect as many users as possible as soon as possible."

More information about MonitorMinor can be found at the specialist site Securelist.com.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).