Stalkerware on the rise in Malaysia — but what’s the risk?

Since data is valued higher than gold on forums and exchanges on the internet and the dark web, customers are rightly concerned about their privacy and security online.

Despite precautions, cybersecurity specialists at Kaspersky believe that data is being ‘stolen’ from individuals, with relative ease and without their knowledge. In fact, this is a major trend in Malaysia — and Kaspersky is sounding alarm bells to raise awareness among customers and warn regulators.

The impact of the situation could now escalate, with a surge in users now accessing sensitive data from their workplaces via their own devices, as the current COVID-19 pandemic forces businesses to enact work-from-home policies.

The method used to steal data is simple. Hackers bait innocent users into downloading stalkerware on their devices, which doesn’t present any symptoms on the device by itself. Instead, it simply sends data from the device and sometimes infects other devices that connect with the infected device.

According to Kaspersky, there has been a 23 percent year-on-year growth in users affected by stalkerware between 2018 and 2019.

“Consumer surveillance technology or stalkerware has evolved rapidly in recent years and the very purpose of surveillance activity has changed dramatically. It is often used to abuse the privacy of current or former partners and even strangers the malicious hacker is interested with,” said Kaspersky Southeast Asia General Manager, Yeo Siang Tiong.

Siang Tiong’s team believes that women fall prey to stalkerware more frequently than men but everyone needs to take precautions to ensure they stay safe.

Among the list of recommendations provided, the important things to note are that users should always ensure they download applications from trusted sources, avoid downloading files they don’t fully understand, and keep an eye on applications running in the background and spot suspicious names and activities quickly so that any damage can be limited.

For most customers, stalkerware seems like a problem that users face as individuals. However, the reality is that it is a major threat to businesses and organizations must be careful about which applications their users interact with, how they behave, and what tasks they perform in the background when not in active use.

“For our part, we have partnered with nine key organizations last year to launch a coalition against stalker-ware. The platform aims to provide a helpful online resource for stalkerware victims,” added Siang Tiong.

In the coming months, more organizations need to take steps to help staff understand what stalkerware is, how to look for it on devices they use, and what to do if they find something suspicious on their devices. 

Raising awareness is key to ensuring that the organization’s cybersecurity efforts don’t become redundant — be it fighting stalkerware, malware, phishing attacks, or any end-user-led cyberattack.

COVID-19Cyber SecurityMalaysiaMobile