spying AV-Comparatives: Antivirus programs in 2020 has gotten better in detecting stalkerware

[captain_to_fire]

Source: AV-Comparatives Stalkerware Test 2020 (Windows and Android), Electronic Frontier Foundation

 

Do you think your spouse or partner already went down low to spy on you by installing malware on your phone? Good news! Major antivirus vendors has gotten better in detecting and blocking stalkerware.

 

Quote

Stalkerware has been described thus:“...these apps have functionality that allows them to invade the privacy of an individual without their consent or knowledge: the application icon can be hidden from the applications menu, while the app continues to run in the background...”.

One of you might ask as to what's the difference between the stalkerware used by overly jealous spouses and a parent installing a parental control app or a MDM solution to track employees on the go, the answer as provided by AV-Comparatives is that stalkerware will try its best to stay under the radar to avoid detection and uninstallation, whereas parental control or corporate MDM solutions are quite explicit on what they do and its presence. Parental control apps allows parents to track the location of their kids to make sure they don't go elsewhere other than school and home.

 

As EFF security researcher Eva Galperin said in an interview [here] [here], stalkerware potentiates domestic abuse. Just think of it this way, you're on your way to work but all of a sudden your phone's battery is draining fast even though it's fairly new and fully charged. Then you pulled your phone out of your purse or bag and you noticed that it's getting hot. Then you tried to dig into the settings and you find out that there are apps installed that you're unfamiliar of. Or better yet, you opened a browser window and you notice that in the task manager/activity monitor that network activity is a bit high on Chrome but there aren't any extensions visible in the upper right side. Little did you know, your spouse has installed a spying app to track everything you do online. Then once you got home, you are greeted by an angry spouse/partner because he/she has seen your Facebook chat with a friend. So what happened next is that both of you started raising voices until one will either verbally humiliate your or worse, physically assaults you. Or if the abuser is such a sadist, he/she will not only verbally and physically abuse you, he/she can use it for character assassination or defamation.

As Eva Galperin pointed out, it all started with a tweet below in 2018 and she has received 10K retweets just a few hours ago and her inbox then became filled of abuse stories from both men and women related to stalkerware. While she made it clear that she also received stories about men being abused either by another men, women abused by women, or men abused by women, the vast majority are women being abused by men through spying.

 

Quote

n short, the software itself is legal but using it “incorrectly” might be punishable. Laws against covert surveillance will of course vary from country to country, although surely there are many jurisdictionswhere it is illegal.

 

The websites and setup wizards of stalkerware programs typically warn that you must not use the software in contradiction of the law of the country or territory that you live in. They also state that you must not install the software on a device owned or used by anybody else without telling the actual owner that you are doing so. We would ask what sense there is in telling users that they have to inform the device owner that the program is installed, whilst at the same time taking every conceivable measure to make it invisible on the device

The problem however with stalkerware is that even though they are maliciously intended, they are commercially sold. Typically hackers would go to dark web forums to look for exploitable vulnerabilities or perform deep reconnaissance on an organization, jealous spouses don't need to do that. All you need to do is to Google it. It will show you list of apps for spying.

Here's a popular spying program for Android named Cocospy. As you can see, it will demand you to turn off Google Play Protect and allow installation outside of the Play Store.

Spoiler

 

 

So this prompted this lady to force the antivirus industry to take stalkerware seriously. As you have seen in the first two photos above, 2019 is where most of AV products for both Android and Windows have sloppy detection scores for stalkerware, but now in 2020 they have improved which is a plus for privacy.

 

 

I can't say the same for iOS since Apple doesn't allow security products to be installed other than URL blockers. At the moment, you're best option is to turn off Find My Friends and make sure it isn't jailbroken as Apple has a strong App Store policy on tracking apps I assume.

 

Here's her advice on stalkerware and abusive spouses:

1. If a spouse or partner is forcing you to give him/her your passwords for various online accounts, it's already a red flag.
2. Turn off biometrics especially fingerprint unlock so that your phone cannot be abused.
3. If you're using Android or Windows, run a full system scan preferably with two or three vendors and compare detection results.
4. If the antivirus detected a potentially unwanted spying program, do not quarantine or neutralize the threat yet, instead go to the authorities and report it.

 

And here's my personal advice on failing relationships, "if you're currently unhappy with your current relationship, ask yourself if you're dating the person of your dreams or just the person within your reach". Don't be a martyr because no one will build a statue for you just because you think that person is going to change. Think about yourself and if you have kids, think about their safety.

 

Edited June 13, 2020 by captain_to_fire
fuck I accidentaly hit submit

[TempestCatto]

I don't trust this list, Norton scored too high.

[SpikeSpiegel]

Sadly I still use Avast for my PC's and Mobile Android phone.  I need to start thinking of changing my AV's

[captain_to_fire]

26 minutes ago, TempestCatto said:

I don't trust this list, Norton scored too high.

I actually believe it but I still won't advice Norton or any Symantec product because of false positives.

 

Edit: Besides it's just a single test. There are others like AV-Test, SE Labs, and MRG-Effitas which evaluates AV programs for consumers and enterprise.

 

23 minutes ago, CalintzJerevinan said:

Sadly I still use Avast for my PC's and Mobile Android phone.  I need to start thinking of changing my AV's

Use something else imo. In my signature, you can look on how you can make Microsoft Defender as good as paid options.

 

Edit: If Microsoft's solution isn't your thing, check out independent tests and install their trials and compare.

Edited June 13, 2020 by captain_to_fire

[5x5]

1 hour ago, TempestCatto said:

I don't trust this list, Norton scored too high.

Believe it or not, Norton and Kaspersky have the highest clearance rate due to their overzealous nature.

 

On a side note, glad to see Windows defender still beating the other freeware junk like. AVG and avast. Ever the more reason for those pieces of bloatware and malware to die off

[AndreiArgeanu]

1 hour ago, TempestCatto said:

I don't trust this list, Norton scored too high.

Norton isn't a bad antivirus, at least from personal experience. Unless it has changed since I last used it. Not to mention that the school I used to go to used Norton for some reason.

[williamcll]

So you're saying kapersky is the best choice here?

[captain_to_fire]

9 minutes ago, williamcll said:

So you're saying kapersky is the best choice here?

If we’re looking at stalkerware alone and AVC result, the answer seems yes. However, it’s just a single testing site. If you’re not buying the allegations of being in bed with the Russian government apparently, Kaspersky is a good AV based on my experience. 
 

I was thinking of deploying Kaspersky Endpoint Security Cloud but it was expensive so I deployed instead Bitdefender Gravityzone which is cheaper.

[poochyena]

6 hours ago, TempestCatto said:

I don't trust this list, Norton scored too high.

Norton has been a good anti-virus for a solid decade now. Anyone who says otherwise aren't looking at facts and just jumping on trends.

[sof006]

9 hours ago, TempestCatto said:

I don't trust this list, Norton scored too high.

Why? Norton is amazing. Its not like what it once was, the AV has improved dramatically. I use it every day on my PC, it does an amazing job at protecting my PC against threats. I've visited websites that appeared absolutely safe on Google Search but Norton has blocked malicious attempts of something on said website from connecting to my browser and what I would suspect is trying to steal info or take remote control of my browser. I would never dream of using my PC without a decent AV these days. Norton is one of many very good AV products out there. I recommend looking at this YouTube channel and make up your own mind - https://www.youtube.com/user/ThePCSecurity He has lots of videos showing off how good different AV products work.

 

Hopefully I don't get told off for linking a youtube channel here (don't see why I would).

[dalekphalm]

11 hours ago, TempestCatto said:

I don't trust this list, Norton scored too high.

As you can see from previous replies, the "hate" against Norton is actually wildly overblown.

 

Back in the 90's, Norton was terrible. Granted, there weren't a lot of mainstream choices back then - you had Norton and McAfee for the big guys, and a few others started to pop up in the early 2000's (Trend Micro, Panda, etc).

 

Norton used to be so bad because it was bloated, used a lot of system resources, was buggy, and was notoriously difficult to uninstall (With the uninstall utility leaving parts behind or glitching out and failing to uninstall at all). It got so bad that there was a special cleaner utility that would go in and remove all traces of Norton.

 

But that hasn't been a problem since pre 2010 days. Around the 2010 era, they totally redesigned their products (this was around the time they launched Norton 360), and it has been vastly improved since the old days.

 

It regularly scores well during independent testing, and the UI is incredibly user friendly and intuitive. It's actually a solid, decent product.

 

BitDefender is my go-to recommendation these days, but Kaspersky and a few others are also excellent choices too.

5 hours ago, poochyena said:

Norton has been a good anti-virus for a solid decade now. Anyone who says otherwise aren't looking at facts and just jumping on trends.

Yep, it's a meme to hate on Norton because "Norton sucks" - that used to be true. But hasn't been for over a decade.

4 hours ago, sof006 said:

Why? Norton is amazing. Its not like what it once was, the AV has improved dramatically. I use it every day on my PC, it does an amazing job at protecting my PC against threats. I've visited websites that appeared absolutely safe on Google Search but Norton has blocked malicious attempts of something on said website from connecting to my browser and what I would suspect is trying to steal info or take remote control of my browser. I would never dream of using my PC without a decent AV these days. Norton is one of many very good AV products out there. I recommend looking at this YouTube channel and make up your own mind - https://www.youtube.com/user/ThePCSecurity He has lots of videos showing off how good different AV products work.

 

Hopefully I don't get told off for linking a youtube channel here (don't see why I would).

 

[suicidalfranco]

6 hours ago, dalekphalm said:

As you can see from previous replies, the "hate" against Norton is actually wildly overblown.

 

Back in the 90's, Norton was terrible. Granted, there weren't a lot of mainstream choices back then - you had Norton and McAfee for the big guys, and a few others started to pop up in the early 2000's (Trend Micro, Panda, etc).

 

Norton used to be so bad because it was bloated, used a lot of system resources, was buggy, and was notoriously difficult to uninstall (With the uninstall utility leaving parts behind or glitching out and failing to uninstall at all). It got so bad that there was a special cleaner utility that would go in and remove all traces of Norton.

 

But that hasn't been a problem since pre 2010 days. Around the 2010 era, they totally redesigned their products (this was around the time they launched Norton 360), and it has been vastly improved since the old days.

 

It regularly scores well during independent testing, and the UI is incredibly user friendly and intuitive. It's actually a solid, decent product.

 

BitDefender is my go-to recommendation these days, but Kaspersky and a few others are also excellent choices too.

Yep, it's a meme to hate on Norton because "Norton sucks" - that used to be true. But hasn't been for over a decade.

 

then why the hate when tunnelbear got bought by McAfee

that's the thing i never understood

[mr moose]

7 minutes ago, suicidalfranco said:

then why the hate when tunnelbear got bought by McAfee

that's the thing i never understood

The internet doesn't need a understandable reason to hate, it's cool to hate on companies for whatever reason the last person said.

 

 

[TrigrH]

If you HAVE to install something I strongly recommend ESET. Most of the others have less settings, more false positives and more annoying notifications. 

[leadeater]

12 hours ago, poochyena said:

Norton has been a good anti-virus for a solid decade now. Anyone who says otherwise aren't looking at facts and just jumping on trends.

I still hate their software though, Mac client had serious performance impacts for years and the SEPM management software isn't the nicest. Competent AV just not the best usability.

[leadeater]

21 hours ago, dalekphalm said:

and was notoriously difficult to uninstall (With the uninstall utility leaving parts behind or glitching out and failing to uninstall at all).

Still nothing on CA eTrust, to uninstall that you have to throw the PC in to a fire then put it through an industrial shredder and half the time it's still installed.

[mr moose]

15 minutes ago, leadeater said:

Still nothing on CA eTrust, to uninstalled that you have to throw the PC in to a fire then put it through an industrial shredder and half the time it's still installed.

 

EZAV.EXE is preventing this shredder from executing a file on your computer..

[desertcomputer]

I think people really need to get more basic computer security/privacy knowledge ...

 

I have couple of friends that thought their webcam LED on their laptop was broken(always on) as usually most ask their significant other for IT advice. As the BF install the software in the first place ... they only realized after they broken up.

 

IMO, these anti virus suite is really easy to bypass if someone like significant other have access to computer.

 

I really think at OS level it should tell user when camera/microphone is being used in background or foreground for period of time. Like the current windows update that shows apps using microphone in taskbar.

 

This is why, I never really let someone used my personal computer/devices without me present.

[captain_to_fire]

2 hours ago, desertcomputer said:

IMO, these anti virus suite is really easy to bypass if someone like significant other have access to computer.

One of the ways an abuser would try to elude detection is by whitelisting or placing the spying program under scan exclusions. Should the victim run a full system scan, it might come with zero detections. That's why an abuse victim should do a trial and error with antivirus programs or on-demand scanners (e.g. NPE, KVRT, MBAM, etc) to see if a spying program was installed by an abuser.

2 hours ago, desertcomputer said:

I really think at OS level it should tell user when camera/microphone is being used in background or foreground for period of time. Like the current windows update that shows apps using microphone in taskbar.

I think Android and iOS has a permissions option that can be toggled. I can't say the same should an iPhone gets jailbroken or if GPP is disabled and a clandestine stalking app has gained admin privileges.

2 hours ago, desertcomputer said:

I have couple of friends that thought their webcam LED on their laptop was broken(always on) as usually most ask their significant other for IT advice. As the BF install the software in the first place ... they only realized after they broken up.

I do believe that a relationship should be built on trust and a partner or spouse installing a spying program means they're afraid to confront their loved one so they've decided to be sneaky about it or the abuser has personal issues but in denial, such action is a reflection of the kind of a partner the abuser is.

[captain_to_fire]

10 hours ago, dalekphalm said:

BitDefender is my go-to recommendation these days, but Kaspersky and a few others are also excellent choices too.

Same

10 hours ago, dalekphalm said:

and the UI is incredibly user friendly and intuitive. It's actually a solid, decent product.

I'm not really aware on how Norton looks at the moment. Perhaps I can give it a try on a VM.

[Doobeedoo]

That's good. Those people are messed up, yikes. Red flag indeed. 

[dalekphalm]

7 hours ago, suicidalfranco said:

then why the hate when tunnelbear got bought by McAfee

that's the thing i never understood

*shrugs* McAfee has a similarly bad reputation. I haven’t used any of their newer software though - but I can only assume that the Internet simply got butt-hurt because meming against Norton and McAfee is “cool”. 

7 hours ago, mr moose said:

The internet doesn't need a understandable reason to hate, it's cool to hate on companies for whatever reason the last person said.

A lot of this. 

3 hours ago, captain_to_fire said:

Same

I'm not really aware on how Norton looks at the moment. Perhaps I can give it a try on a VM.

I haven’t used it since like 2011-2012, but the UI was super clean, big easily readable buttons and notices. It’s an AV designed for your grandma or your less technical uncle. 

[sof006]

8 hours ago, dalekphalm said:

*shrugs* McAfee has a similarly bad reputation. I haven’t used any of their newer software though - but I can only assume that the Internet simply got butt-hurt because meming against Norton and McAfee is “cool”. 

A lot of this. 

I haven’t used it since like 2011-2012, but the UI was super clean, big easily readable buttons and notices. It’s an AV designed for your grandma or your less technical uncle. 

McAfee is in a similar boat to Norton, it used to be pretty bad but is actually pretty good. I'd say McAfee is cheap and cheerful but not very user friendly, its good at blocking threats but the UI is horrible to navigate. Norton seems to be just as good if not better but the UI is far superior (hence why I use it over McAfee). I use Kaspersky on my laptop but avoid it on my gaming PC due to it being a bit heavy handed on what it deems is a virus.

[5x5]

On 6/14/2020 at 6:49 PM, dalekphalm said:

*shrugs* McAfee has a similarly bad reputation. I haven’t used any of their newer software though - but I can only assume that the Internet simply got butt-hurt because meming against Norton and McAfee is “cool”. 

A lot of this. 

I haven’t used it since like 2011-2012, but the UI was super clean, big easily readable buttons and notices. It’s an AV designed for your grandma or your less technical uncle. 

McAfees gate is well deserved. The programme and the modules are very buster, have an extreme amount of false positives, tens to cause corruption by deleting system files and messing up updates. Not to mention the fact that it eats resources at a much more alarming rate than Norton considering the work it gets done per resource ("work" in the broadest sense possible).

 

On 6/15/2020 at 3:23 AM, sof006 said:

McAfee is in a similar boat to Norton, it used to be pretty bad but is actually pretty good. I'd say McAfee is cheap and cheerful but not very user friendly, its good at blocking threats but the UI is horrible to navigate. Norton seems to be just as good if not better but the UI is far superior (hence why I use it over McAfee). I use Kaspersky on my laptop but avoid it on my gaming PC due to it being a bit heavy handed on what it deems is a virus.

McAfee is by no means good. It's broken and barely functional in addition to being malware that harvests your data itself

[Neftex]

On 6/13/2020 at 5:20 PM, 5x5 said:

On a side note, glad to see Windows defender still beating the other freeware junk like. AVG and avast. Ever the more reason for those pieces of bloatware and malware to die off

source? false positives isnt exactly the main metric i would look at when comparing AV software