Mobile spyware is an intrusive tool that can have a grave effect on your life. The constant fear that someone is secretly keeping tabs on your every move and knows everything about you has completely thrashed any vestige of privacy. On top of it, surveillance software is not as rare as you may think. A quick search on Google will give you hundreds if not thousands of results.
The prominent mobile security firm Lookout has revealed that 24 percent of the Android smartphones they scanned in the U.S. had malicious spyware on them that are intended to target a specific person. Another firm, Sophos reported that there is a two percent infection rate from spy software. If these numbers hold true, then it means tens of thousands of users could be affected.
So what should you do to protect your online privacy? Android anti-malware is one way to achieve peace of mind, but a lot of people have relayed that they aren’t reliable.
Photo by William Iven
Testing Android Anti-Malware
To prove if it’s based on truth or fact, Josh Kirschner, founder and CEO of Techlicious, set out to test some leading Android anti-malware to gauge how they fared at guarding users against the threat of Line spy tool. Spy apps that he used for this test go far beyond basic ‘find my phone’ or ‘location tracker’ services. While features varied, all the spyware he tested a combination of highly intrusive eavesdropping techniques, including recording phone calls, tracking IM chats and text messages, downloading contacts, photos, and videos, remote microphone activation, and registering visited websites.
The Results of the Test
Generally speaking, the results of the tests were dismal. Of 12 products Josh tested, none of the Android anti-malware were able to detect over two-thirds of the spy apps. In fact, many missed half or more the of the surveillance programs. And to your surprise, the potential Line spy tools least likely to be detected are easily available in Google Play.
Sadly, this isn’t just an issue that will perturb Android users. Since Josh was able to set up a spy app on an iPhone, with almost the same functions you can get on an Android phone. The only difference between the Android and iOS process is that he was required to jailbreak the iPhone. Nevertheless, today you can even find no-jailbreak versions of spy apps that virtually eradicated the need to jailbreak an iOS device.
Drawing a Conclusion
Though it’s difficult to draw statistical conclusions for these anti-malware would fair against the larger sample of spyware applications, the fact of the matter is the Line spy tools tested should have been easy hits for the software security companies. Why? A lot of them have been around for quite a while now (years in many cases) and is easily available via a simple Google search or has been reported frequently in the media.
Why the Poor Showing?
Firstly, Josh found that there seems to be a strong bias by security software vendors when it comes to targeting apps that available in foreign app markets, where many new malware risks originate. The problem is that a high percentage of smartphone users in the U.S. are less likely to download an application from a Chinese or Russian app store, so hitting these apps would do little to protect us. And since many Line spy tools are downloaded directly from individual vendors’ websites rather through an app store, these programs are missed entirely by the larger number of security vendors.
Secondly, security vendors aren’t netting as many spyware risks as they should because of their philosophy of classifying this type of programs as ‘Potentially Unwanted Apps’ (PUA), says Josh. As the argument goes, PUAs require someone to manually set up the software and agree to the terms. Moreover, PUAs could have legal uses, for instance, they can be used as employee monitoring, parental tracking (with, apparently, informed consent) or tracking down a smartphone thief.
As a result, Line spy tools aren’t included in the threat databases, irrespective of how perilous they could be in the wrong hands. The presumption of legal or valid use is a major snare to proper detection of threats. This doesn’t mean at all the security companies have absolutely no liability concerns about classifying PUAs as malware. Perhaps, they might be waiting for Google or someone else to take the initiative in identifying the spyware.
By Hannah George