Researchers find more than 1,000 “creepware” apps on Google Play

A group of researchers from Coalition founding partner NortonLifeLock, Cornell Tech and New York University have found a large number of Android apps that can be used for stalking and harassment and that include, but aren’t limited to, traditional stalkerware. More than 800 of the apps have since been removed by Google from its Google Play store.

When researchers look for stalkerware on the Internet and on app stores, they typically do so by using search terms that people would use to find such apps, such as “spy on wife”. However, this rather narrowly focuses on one particular kind of app used for stalking.

The approach in this paper is different and used an anonymized dataset provided by NortonLifeLock’s mobile security product of apps found on mobile devices and then assigned a ‘CreepRank’ score depending on how likely an app was to be found on a device with known stalkerware installed. The idea behind this approach being that those installing stalkerware on a subject’s phone will likely install other apps they can use to harass or stalk.

Using this CreepRank, the researchers found 1,095 apps they call ‘creepware’, a category of apps that apart from traditional stalkerware also include apps that can be used to send a large amount of SMS messages or spoof senders, but also apps that were likely used by the phone owner to evade restrictions placed upon them.

The research findings were reported to Google, which found about 75 per cent of them in violation of its policies; these were subsequently removed from Google Play.

The research serves as an important reminder that stalkerware is only one aspect in which digital technology is used in abusive relationships. Both technology companies and those working with abuse survivors are advised to inform themselves of this multifaceted threat to ensure the best help can be provided.

Girl looking at phone

TechCrunch builds spyware look-up tool for Android devices

Zack Whittaker, Security Editor at TechCrunch, today announced t...

Read more

Australian charged with developing and selling desktop stalkerware

Last week, the Australian Federal Police (AFP) announced that it...

Read more

Avast and Refuge Launch ‘Digital Break-Up’ Kit to Raise Awareness of Tech Abuse

19 July 2022 Almost half of Brits (47%) know someone else’s...

Read more