Woburn, MA – April 12, 2022 – Today Kaspersky released a report revealing that stalkerware affected more than 32,000 Kaspersky mobile users globally last year. The United States saw the third-highest number of affected users, at 2,319, trailing only Russia (7,541) and Brazil (4,807). The State of Stalkerware in 2021 report analyzed the use of stalkerware around the world, with the aim of better understanding the threat it poses and supporting non-profit organizations and victims.
Along with other technologies, stalkerware is often used in abusive relationships, enabling a user to spy on another person’s private life using a smart device. Research has identified a direct link between online and offline violence, adding urgency to global efforts to comprehensively tackle the issue.
While the report revealed a significant global decrease in affected users compared with the data gathered by Kaspersky since 2018, and a 39% decrease from Kaspersky’s 2020 numbers, it is important to highlight that these statistics likely represent only the tip of the iceberg. According to a rough estimate from the Coalition Against Stalkerware, usage of stalkerware could be close to one million instances, globally, each year. Experts also warn that other factors may have played a role in the decline, including increased use of smart cameras, location trackers and other devices for spying, as well as COVID lockdowns reducing demand for remote spying.
According to the report, Cerberus and Reptilicus were the most used stalkerware applications, with 5,575 and 4,417 affected users, respectively, around the world, followed by Track My Phones (1,919), AndroidLost (1,731) and Mobile Tracker Free (1,670). Most have functionality such as reading messages and call logs, hiding the app’s icon, tracking location, viewing photos, taking screenshots, and more.
Pairing the results of this research with the results of a Digital Stalking survey conducted at the end of 2021 highlights a link between online and offline violence. Twenty-four percent of people surveyed globally confirmed being stalked using technology, and 25% confirmed having experienced violence or abuse at the hands of their partner. Kaspersky found the same correlation in most of the countries where the survey was run.
Two non-profit organizations that participated in the report and shared their experience from working with victims – US-based NNEDV (the National Network to End Domestic Violence) and WWP EN (the European Network for the Work with Perpetrators of Domestic Violence) – confirm that tech-enabled abuse is a growing issue.
“ICT technologies are powerful tools for perpetrators exerting coercive control, especially in relationships where violence is already present offline,” said Berta Vall Castelló and Anna McKenzie from WWP EN.
According to experts, domestic violence significantly increased during the pandemic, especially during lockdowns.
“There is a growing rate of smart devices – including home assistants, connected appliances, and security systems connected to WiFi networks and smartphones – used in intimate partner violence,” said Toby Shulruff from NNEDV’s Safety Net project. “While stalkerware is a common concern, there are many other tools available for tech abuse.”
Stalkerware continues to affect victims everywhere in the world. Kaspersky has identified affected users in over 185 countries and territories, with Russia, Brazil, the United States, and India again ranking as the top four countries with the largest number of unique users identified. Germany is the only European country in the top 10 most affected countries.
The report includes a full overview of the most affected global regions, with statistics for North America, Latin America, Europe, Middle East and Africa, Eastern Europe (excl. EU countries), Russia and Central Asia, and the Asia Pacific region.
How Kaspersky collaborates with external stakeholders to fight stalkerware
Kaspersky is one of the co-founders and drivers of the Coalition Against Stalkerware, an international group dedicated to tackling stalkerware and combating domestic violence. Interpol is a supporter of the Coalition and, in 2021, together with Kaspersky, delivered training to more than 200 law enforcement officers on the topic of stalkerware.
Additionally, Kaspersky is one of the partners of the DeStalk project. Funded by the European Commission, this research project aims to develop a strategy to train and support professionals in victim support services, perpetrator programmes, officers of institutions and local government amongst others.
Kaspersky has also developed TinyCheck, a free, open-source tool which aims to facilitate the detection of stalkerware in a simple, quick, and non-invasive way on a victim’s device. It can run on any OS without making the perpetrator aware. In 2021, multiple non-profit organizations in the field of domestic violence tested TinyCheck and provided feedback to help improve it. Police forces and judicial bodies in several countries have also taken an interest in the tool as a way to better support victims.
The full report on stalkerware threats in 2021 is available on Securelist.
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company's comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.
Sawyer Van Horn