Stalkerware Detection

Some legitimate applications can be used by criminals to steal your personal data and spy on you. Most of these applications are useful, and many people benefit from using them. These applications include IRC clients, autodialers, file downloaders, system activity monitors, password management utilities, FTP, HTTP, or Telnet servers.

However, if criminals get access to these apps on your computer or manage to covertly deploy them there, they will be able to use some of the functionality to steal your personal data or commit other illegal actions.

You can read about different types of stalkerware below.

Type

Name

Description

Client-IRC

IRC clients

People install these apps to communicate with each other in Internet Relay Chats (IRC). Criminals can use these apps to spread malware.

Dialer

Autodialers

Can covertly establish phone connections over a modem.

Downloader

Downloaders

Can covertly download files from web pages.

Monitor

Monitor apps

Allow monitoring the activity of the computer on which they are installed (tracking which applications are running and how they are exchanging data with apps on other computers).

PSWTool

Password recovery tools

Enable users to see and recover forgotten passwords. Criminals secretly deploy these apps on people's computers for the same purpose.

RemoteAdmin

Remote administration tools

Widely used by system administrators to get access to remote computers’ interfaces to monitor and control them. Criminals covertly deploy these apps on people's computers for the same purpose, to spy on remote computers and control them.

Legitimate remote administration tools are different from backdoors (remote control Trojans). Backdoors can infiltrate a system and install themselves there on their own, without the user's permission, whereas legitimate apps do not have this functionality.

Server-FTP

FTP servers

Operate as FTP servers. Criminals can deploy them on your computer to open remote access to it using the FTP protocol.

Server-Proxy

Proxy servers

Operate as proxy servers. Criminals deploy them on a computer to use it for sending out spam.

Server-Telnet

Telnet servers

Operate as Telnet servers. Criminals deploy them on a computer to open remote access to it using the Telnet protocol.

Server-Web

Web servers

Operate as web servers. Criminals can deploy them on your computer to open remote access to it using the HTTP protocol.

RiskTool

Local tools

They give users additional capabilities for managing their computers (enabling them to hide files or active application windows, or to close active processes).

NetTool

Network tools

They give the users of computers on which they are installed additional capabilities for interacting with other computers on the network (restart remote computers, find open ports, launch applications installed on those computers).

Client-P2P

P2P network clients

Enable people to use P2P (Peer-to-Peer) networks. They can be used by criminals to spread malware.

Client-SMTP

SMTP clients

Can covertly send emails. Criminals deploy them on a computer to use it for sending out spam.

WebToolbar

Web toolbars

Add search engine toolbars to the interface of other apps.

FraudTool

Fraudware

Imitates other applications. For example, there is anti-virus fraudware which displays notifications of discovering malware on a computer, whereas they actually neither find nor clean or fix anything.

Enable stalkerware protection, and we will warn you of any attempts to access your location data, your messages, or other personal data.

You can also enable stalkerware protection in the Threats and Exclusions settings window, by checking the Detect other software that can be used by intruders to damage your computer or personal data box.

Page top