I watch and cry: how hackers monetized spying on lovers
Hackers and scammers actively capitalize on people's desire to control their spouses and civil partners. Both the darknet and the legal Internet space are inundated with offers to spy on a husband, wife, lover or mistress. Bots and mini-applications are actively promoted in the channels of the popular messenger, which indirectly confirm infidelity or infatuation with other users. Izvestia found out from experts what legal and illegal IT monitoring and surveillance tools jealous people use and how to maintain their privacy.
Eternal interest
Experts say that surveillance services are advertised and in demand online, whether it's hacking accounts to access correspondence, remote camera surveillance, or location tracking, despite the illegality of such actions.
The Prosecutor's office of the Magadan region has sent a case to the court against a resident of Magadan who had been following his wife for a year and a half. He purchased a sound recording and motion control device through the marketplace. Now he will be held responsible for the illegal acquisition of special technical equipment designed to secretly obtain information (art. 138.1 of the Criminal Code of the Russian Federation).
Earlier in December, a resident of Primorye, wanting to humiliate his ex-wife, posted a video of a woman visiting the toilet on a social network. The case ended with a verdict for violating the article of the Criminal Code on privacy.
Smartphone control
In the "gray" segment of the Runet, following the "breakdown" of photos and phone numbers, a service for monitoring the social networks of loved ones is actively offered. The main clientele are citizens who doubt the loyalty of their partners.
For example, one of the portals (the servers are located outside Russian jurisdiction, but are accessible without a VPN) offers to take a girlfriend or boyfriend account into development in exchange for a paid subscription. "You will be able to find out who your friend is online with (...)," the advertisement promises. By subscription, constant monitoring of a specific account is available, and the service is adapted to the most popular messengers and social networks among Russian-speaking users. According to an IT specialist, the service simply analyzes account data that the user himself left open, which is not a crime.
"More serious services related to the real control of a person through a smartphone are offered in the illegal segment of the Internet," a source familiar with the criminal technology market told Izvestia. — A program is purchased and sent to a loved one under the guise of secure content. Telegram bots are especially dangerous, as they are able to copy and forward personal correspondence and photos to an interested recipient on their own.
Deception instead of surveillance
— Unfortunately, the popularity of these offers is high, but in many ways it is artificial and inflated due to marketing in the shadow segments of the Internet, — the director of the Secure-T platform (Solar Group) told Izvestia Khariton Nikishkin. — However, behind this hype there is also a real growing threat. It is important to understand that most of the ads about hacking social networks or mail are pure fraud aimed at extorting money and data from the customer himself.
The real danger comes from other technically feasible methods, the expert emphasizes.
"If we put aside outright deception, then two directions are technically feasible and therefore especially dangerous," says the expert. — The first is the use of commercial spyware, the so—called stalkerware. Its installation often requires only short-term physical access to the victim's phone. After that, the attacker can gain full control over the correspondence, geolocation, camera and microphone of the device. The second is the methods of physical surveillance: installing miniature GPS trackers on a car or using "bugs".
Compromising information for two
It is stalkerware that can be considered the most dangerous for privacy.
— It creates a double threat. In addition to the obvious harm to the victim, it also puts the initiator of the surveillance at risk. All the information collected — messages, photos, and movement history — passes through the servers of the developers of such programs, which often turn out to be vulnerable and hacked. Thus, the personal data of all parties involved is compromised. Moreover, to install stalkerware, it is often necessary to disable the basic security mechanisms of the phone (for example, prohibiting installation from unknown sources), which opens the device to other cyber threats, making it defenseless.
Konstantin Parfenyev, an expert in the field of information technology, says that often, instead of spying on a friend, cybercriminals simply take the prepayment from the client, and they slip a malware onto his smartphone. Parfenyev calls the "hijacking" of cloud accounts another common way of spying on loved ones.
— Having access to such services, you can download synchronized photos and use them to track geolocation — to understand where the person was and with whom.
The expert also came across cases where attackers used social engineering to install remote access programs. For example, they pretended to be tech support.
Alarm signals
There are a number of alarms that you should pay attention to if you suspect that you are being followed.
"These signals can be divided into technical and behavioral ones,— says Nikishkin. — Technical signs include an abnormally fast discharge of the phone's battery for no obvious reason, suspicious Internet traffic activity when data is actively transmitted in the background, although you are not using the device, as well as unusual device operation: spontaneous reboots, turning on the backlight, heating in standby mode and the appearance of unknown programs in the application list, which cannot be deleted using the standard method.
Behavioral signs include situations where a partner or acquaintance demonstrates knowledge of the details of your personal conversations or movements that you did not inform him about, as well as the appearance of unfamiliar objects among your belongings.
— For example, it may be someone else's USB flash drives, power banks or chargers that could have been planted on you, and cases when you notice the same cars or people in different places on your regular route.
Konstantin Parfenyev advises to keep an eye on the camera and microphone indicators in the corner of the smartphone screen.
— Colored dots appear in the corner of the screen, indicating the operation of the camera or microphone when applications are closed. To check, open the list of programs that are allowed to determine location, and look into the "Active sessions" section of messengers to make sure that no one is connected to the correspondence from an unauthorized device.
Get away from the tail
Khariton Nikishkin suggests acting coolly if signs of espionage are detected.
— Do not enter into an open conflict based on suspicion, especially if it is about a loved one. From a technical point of view, the most radical but effective step is to reset the phone settings to factory settings, while saving critical data (such as photos) via a computer that you consider safe.
It is also advisable to conduct a thorough physical inspection of your belongings, bags and car; change all passwords from key accounts (mail, social networks, bank applications), necessarily from another trusted device, and immediately enable two-factor authentication. The expert also advises installing licensed security software from a well-known manufacturer that can identify such threats.
— It should be understood that unauthorized collection of information about private life, installation of spyware and hacking are criminally punishable acts, — says Nikishkin. — If your concerns are serious and confirmed, you have every right to seek help from law enforcement agencies. Awareness and proactive digital hygiene measures remain your main shield in this situation.
Переведено сервисом «Яндекс Переводчик»
