The Spy Who Loved Me – How Apple Aren’t Helping Stalkerware Victims

Every single year in the United States, 6.6 million people are victims of stalking. That means that they were the subject of someone’s obsession to a point where they feared for their own safety. 1 in 4 of those people reported the use of technology as one of the main forms of stalking – that’s over 1.6 million people in one year.

An obvious target for a stalker is their victim’s phone. Our phones store an incredible amount of information about us. What we do in our daily lives, locations we frequent, who we talk to, where we work, where we exercise, where we buy food, etc. The list goes on.

For someone with an obsession, getting access to a mobile device is like hitting the jackpot in a casino.

Unfortunately, this has never been easier with the new class of cheap, easy to install spyware that is now available on the market for bargain-bin prices as low as $30.

It doesn’t take a computer science degree to hack someone’s device anymore.

This simple-to-use spy software is commonly known as ‘Stalkerware’ or sometimes ‘Spouseware’, given its prevalent use in domestic abuse cases by violent partners and angry-exes to track their victim’s phone activity, steal their personal information and track their location.

The Main Culprits

The two main providers of this ‘Spouseware’ are companies called FlexiSpy and mSpy. They describe the software they develop as a tool for families – e.g. parents wanting to keep an eye on their kids when they’re out and about. However, whilst companies like FlexiSpy and mSpy state their software shouldn’t be used on someone’s device without their permission, the research shows that this is overwhelmingly ignored by their users.

In fact, these companies seem to know this and have even been spotted advertising their software as a way to ‘catch a cheating spouse’ or something similar and that’s where a lot of the problems begin to surface.

See, once this type of software is installed on a victim’s device, the ‘hacker’ then has access to the text & chat messages, photos, videos, calendar, call logs and more.

Not only that, but the software can also record phone calls, video calls as well as logging everything typed using the keyboard including passwords to all online accounts, etc.

On top of all this, the hacker can completely hide any evidence of hacking from the victim. They would have absolutely no idea that their data is being stolen.

These companies aren’t the only two examples of spyware like this. There are over 25,000 examples of software that can perform similar functions available on the market – many of which can be downloaded from the official app stores.

Whilst Android is more susceptible to this type of software, iOS devices are by no means immune.

And that’s where the REAL problem lies…

Apple Aren’t Allowing iOS Users to Protect Themselves.

You see, if you are on Android and you’re worried about this type of software getting onto your device, it’s simple enough to open up the Google Play Store and install some form of anti-spyware app.

For example, here at Certo we’ve developed our own free Android app to do just that – Check it out here.

But if you’re in Apple’s ecosystem you’ll find it much harder to protect yourself.

Why?

Well, because Apple doesn’t allow anti-spyware apps onto their App Store. Due to the way iOS devices work, Apple has made it impossible for these types of apps to exist. Furthermore, our own experience with the company has revealed that Apple goes so far as to not even allow the word “spyware” to appear within any security app, even in the context of protecting against the threat. It’s long been the belief among many Apple users that their devices are unhackable and Apple, it seems, are happy to let them think this.

However, there have been many reports of iPhone hacking in recent years, and it could be starting to affect users’ perception of just how secure iOS is.

It’s certainly strange that one of the most popular phones on the market has no easy way for the user to check if someone has hacked their device.

Unfortunately, Apple isn’t showing signs of changing this any time soon, so we’ve written a list to help you know exactly what you CAN do to help prevent stalkerware finding its way onto your device:

1. Always Keep iOS up to date. Most Stalkerware relies on ‘hackers’ being able to bypass iOS security by exploiting vulnerabilities in out of date iOS versions. Keeping the latest version of iOS on your device helps to reduce the likelihood of this type of software being installed on your device. It’s your main protection against this type of hacking.
2. Create a strong passcode for your device. A strong passcode ensures that only you know how to log into your device. This is the first line of defence against someone looking to install malicious software onto your device.
3. Ensure Two-factor authentication is enabled. Enabling two-factor authentication allows you to prevent someone accessing your personal information stored on iCloud, even if they know your AppleID credentials. This often includes a complete backup of your device which can be used to create a ‘clone’.

If you are worried that stalkerware or spyware may already be installed on your iPhone, then even though there aren’t any solutions available on the App Store, there are some non-App Store tools such as Certo AntiSpy that can detect if you’ve been a victim of stalkerware.

Even if you’ve never been a victim of stalkerware yourself, it’s essential to arm yourself with the right knowledge to help prevent you or a friend/family member becoming a victim to this type of abuse in the future.

Please share this with anyone who you think would benefit from this knowledge and don’t hesitate to get in touch with us if you would like support regarding one of our products or if you suspect your phone has been hacked.

You can also find a lot more information on our blog, where we regularly write about the latest security threats to Android and iOS devices.