Shakti Trojan: Technical Analysis

Spyware installed on Android devices to stalk domestic abuse victims

As a threat researcher, I like to think I’m helping make the world a better place. We protect against malware that can compromise users’ devices, steal personal information, cost people money, and commit many other malicious acts.

It didn’t occur to me until today that we are also protecting against stalking and domestic abuse. While listening to story on National Public Radio (NPR) titled Smartphones Are Used To Stalk, Control Domestic Abuse VictimsI realized that the spyware we block on Android devices is used not only by cybercriminals to target high-profile lawyers, politicians, celebrities, or other positions of power, but also by those who commit acts of domestic violence or intimidation.

With the use of spyware installed on victim’s mobile devices, abusers are able to eavesdrop on their victims remotely, and even more scary, track them using GPS.

In fact, a staggering 85 percent of victims were tracked by GPS according to NPR, who surveyed 72 domestic violence shelters.

NPR named several companies that sell these spyware applications: mSpy, PhoneSheriff, MobiStealth, and StealthGenie.

All of these companies have apps can be run on an Android device in the background, with users none-the-wiser. Some of these apps’ features include the ability to:

  • Access calendars and address books
  • Control apps on the user’s device
  • Monitor call logs
  • Monitor conversations through popular communication apps like Skype
  • Monitor instant messages
  • Monitor keystrokes
  • Monitor SMS conversations
  • Monitor web history
  • Read emails
  • Record anything within the distance of the device’s microphone
  • Record calls
  • Remote control the device
  • Track the device using GPS

In my opinion, no matter how these companies advertise their apps, there is no reason anyone should ever put one on an unsuspecting victim’s device.

I’m a proud to say that we detect all of these unethical spyware applications. Anyone that suspects they are victims of such cyber stalking can scan their mobile device using Malwarebytes for Android or Malwarebytes for iOS.

ABOUT THE AUTHOR

Nathan Collier

Full time mobile malware researcher, part time endurance athlete and world traveler. As nerdy about traveling as he is about mobile malware.