Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Kaspersky
The dangers of MonitorMinor stalkerware
Message
<blockquote data-quote="Bot" data-source="post: 867862" data-attributes="member: 52014"><p>Using stalkerware isn’t just <a href="https://www.kaspersky.com/blog/coalition-against-stalkerware/31307/" target="_blank">unethical</a>, it’s inherently <a href="https://www.kaspersky.com/blog/stalkerware-spouseware/26292/" target="_blank">unsafe</a>. The first point hardly requires further explanation. As for the second, the problem is this: Spying apps steal vast amounts of confidential data from devices and send it over the Internet, and their creators care not a jot about protecting it.</p><p></p><p>How the data is stored or transmitted to the command-and-control (C&C) server isn’t generally known. Consequently, it is impossible to predict how many people might gain access to it. Given the rapid development of stalkerware functionality, the data gathered by stalkerware being re-stolen or leaked can become an even bigger headache for victims than the attacker’s initial aim of <a href="https://www.kaspersky.com/blog/smartphone-spying-protection/31894/" target="_blank">tracking their movements</a>.</p><p></p><p><span style="font-size: 18px"><strong>What is MonitorMinor stalkerware capable of?</strong></span></p><p></p><p></p><p>The recently discovered Android stalkerware MonitorMinor shows what modern spying apps are capable of. In our assessment, it is one of the most powerful smartphone-tracking tools currently in existence. Its abilities include enabling attackers to remotely control the device, record sound and video from the camera and microphone, and steal the contact list, messages, and device PIN or unlock pattern.</p><p></p><p>Although it is positioned as a parental control app, MonitorMinor may be used to secretly monitor family members or colleagues —in other words, for stalking. The license agreement, which is available on the website from which the application is distributed, clearly states that users of the application are not allowed to use it for silent monitoring of another person without written consent. Yet we can’t see how that helps potential targets of stalkers who used the app anyway.</p><p></p><p>The app is very intrusive and can exist on the target’s device without being visible to its owner, and it can silently harvest practically every bit of the target’s personal communications. We decided to draw attention to the app because of its power and inform those who defend people from stalkerware of the potential threat it poses. This is not just another parental control application.</p><p></p><p></p><p>As usual, the most vulnerable users are those who have used an application to obtain <a href="https://encyclopedia.kaspersky.com/glossary/root-access/?utm_source=kdaily&utm_medium=blog&utm_campaign=termin-explanation" target="_blank">superuser privileges</a> on their device. With that level of access, MonitorMinor has no trouble at all entrenching itself in the system. But don’t think that if you didn’t <a href="https://www.kaspersky.com/blog/android-root-faq/17135/" target="_blank">root</a> your device, you have nothing to worry about.</p><p></p><p>First, such software might have been installed at the factory. Second, the smartphone could be infected with rooting malware. Third, someone who wants to spy on you might manually root the device if they gain physical access to it.</p><p></p><p>Once MonitorMinor gets root permissions, it cannot be removed using regular system tools, even if the victim somehow manages to detect it. Worse, in addition to being virtually unremovable, the stalkerware can gain access to data in messenger apps, social networks, e-mail clients, and other applications. The list of apps from which MonitorMinor can steal data includes Gmail, Facebook, Instagram, Viber, Skype, and Snapchat.</p><p></p><p></p><p></p><p></p><p>If it cannot obtain superuser privileges, MonitorMinor proceeds to plan B and uses a suite of regular Android functions known as Accessibility. Developed for people with disabilities, this set of features is very popular with malware creators.</p><p></p><p>The reason is that Accessibility enables malware to swipe everything displayed on the smartphone screen (such as messages and banking app details), tap buttons, copy user-entered text and the clipboard contents, and so on.</p><p></p><p><span style="font-size: 18px"><strong>How to guard against MonitorMinor</strong></span></p><p></p><p></p><p>If someone is intent on injecting MonitorMinor into your smartphone, it is quite difficult to prevent. However, you can make the task more complicated:</p><p></p><ul> <li data-xf-list-type="ul">Lock your smartphone with a strong password.</li> <li data-xf-list-type="ul">Be extremely wary of apps that request access to Accessibility.</li> <li data-xf-list-type="ul">Block the installation of software from third-party sources (or rather, because Android blocks that by default, never allow it).</li> <li data-xf-list-type="ul">Install a reliable security solution. For example, <a href="https://app.appsflyer.com/com.kms.free?pid=smm&c=ww_kdailyplaceholder" target="_blank">Kaspersky Internet Security for Android</a> detects spying apps and warns users about them.</li> </ul><p></p><p><a href="https://www.kaspersky.com/blog/monitorminor-stalkerware/34060/?utm_source=rss&utm_medium=rss&utm_campaign=monitorminor-stalkerware" target="_blank">Source</a></p></blockquote><p></p>
[QUOTE="Bot, post: 867862, member: 52014"] Using stalkerware isn’t just [URL='https://www.kaspersky.com/blog/coalition-against-stalkerware/31307/']unethical[/URL], it’s inherently [URL='https://www.kaspersky.com/blog/stalkerware-spouseware/26292/']unsafe[/URL]. The first point hardly requires further explanation. As for the second, the problem is this: Spying apps steal vast amounts of confidential data from devices and send it over the Internet, and their creators care not a jot about protecting it. How the data is stored or transmitted to the command-and-control (C&C) server isn’t generally known. Consequently, it is impossible to predict how many people might gain access to it. Given the rapid development of stalkerware functionality, the data gathered by stalkerware being re-stolen or leaked can become an even bigger headache for victims than the attacker’s initial aim of [URL='https://www.kaspersky.com/blog/smartphone-spying-protection/31894/']tracking their movements[/URL]. [SIZE=5][B]What is MonitorMinor stalkerware capable of?[/B][/SIZE] The recently discovered Android stalkerware MonitorMinor shows what modern spying apps are capable of. In our assessment, it is one of the most powerful smartphone-tracking tools currently in existence. Its abilities include enabling attackers to remotely control the device, record sound and video from the camera and microphone, and steal the contact list, messages, and device PIN or unlock pattern. Although it is positioned as a parental control app, MonitorMinor may be used to secretly monitor family members or colleagues —in other words, for stalking. The license agreement, which is available on the website from which the application is distributed, clearly states that users of the application are not allowed to use it for silent monitoring of another person without written consent. Yet we can’t see how that helps potential targets of stalkers who used the app anyway. The app is very intrusive and can exist on the target’s device without being visible to its owner, and it can silently harvest practically every bit of the target’s personal communications. We decided to draw attention to the app because of its power and inform those who defend people from stalkerware of the potential threat it poses. This is not just another parental control application. As usual, the most vulnerable users are those who have used an application to obtain [URL='https://encyclopedia.kaspersky.com/glossary/root-access/?utm_source=kdaily&utm_medium=blog&utm_campaign=termin-explanation']superuser privileges[/URL] on their device. With that level of access, MonitorMinor has no trouble at all entrenching itself in the system. But don’t think that if you didn’t [URL='https://www.kaspersky.com/blog/android-root-faq/17135/']root[/URL] your device, you have nothing to worry about. First, such software might have been installed at the factory. Second, the smartphone could be infected with rooting malware. Third, someone who wants to spy on you might manually root the device if they gain physical access to it. Once MonitorMinor gets root permissions, it cannot be removed using regular system tools, even if the victim somehow manages to detect it. Worse, in addition to being virtually unremovable, the stalkerware can gain access to data in messenger apps, social networks, e-mail clients, and other applications. The list of apps from which MonitorMinor can steal data includes Gmail, Facebook, Instagram, Viber, Skype, and Snapchat. If it cannot obtain superuser privileges, MonitorMinor proceeds to plan B and uses a suite of regular Android functions known as Accessibility. Developed for people with disabilities, this set of features is very popular with malware creators. The reason is that Accessibility enables malware to swipe everything displayed on the smartphone screen (such as messages and banking app details), tap buttons, copy user-entered text and the clipboard contents, and so on. [SIZE=5][B]How to guard against MonitorMinor[/B][/SIZE] If someone is intent on injecting MonitorMinor into your smartphone, it is quite difficult to prevent. However, you can make the task more complicated: [LIST] [*]Lock your smartphone with a strong password. [*]Be extremely wary of apps that request access to Accessibility. [*]Block the installation of software from third-party sources (or rather, because Android blocks that by default, never allow it). [*]Install a reliable security solution. For example, [URL='https://app.appsflyer.com/com.kms.free?pid=smm&c=ww_kdailyplaceholder']Kaspersky Internet Security for Android[/URL] detects spying apps and warns users about them. [/LIST] [url="https://www.kaspersky.com/blog/monitorminor-stalkerware/34060/?utm_source=rss&utm_medium=rss&utm_campaign=monitorminor-stalkerware"]Source[/url] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
