The US Federal Trade Commission (FTC) has released an advisory warning the public of the risks of mobile spyware, shortly after reaching a deal with Retina-X Studios LLC, a company making a few stalkerware apps.
The settlement comes after it was revealed that the MobileSpy, PhoneSheriff and TeenShield were improperly used to spy on people. Google allows some forms of tracking, but only with the consent of the people tracked, and it needs to show up when running.
Mobile spyware is not new, and advanced protection solutions are trained to detect when applications are spying on people. Some of these apps are designed for parents or companies, but people abuse them.
“According to the FTC’s complaint, Retina-X did not make sure purchasers were using the apps for legitimate purposes. In fact, to install the apps, purchasers often had to weaken the security protections on your smartphone (sometimes called jailbreaking or rooting). Plus, once a purchaser installed the app on your phone, they could remove the icon, so you wouldn’t know they were monitoring you,” the FTC said in the advisory.
As part of the settlement, Retina-X now has to make sure its apps can only be used in legitimate scenarios, and all the data collected so far, often without the user’s knowledge, must be destroyed.
The FTC advises people who suspect they might be the victim of stalkerware to check whether their phone was rooted without their knowledge. A phone with root access allows people to bypass some security measures, which means that the victim won’t know when spyware apps are running. Resetting the phone to factory settings is a good start but, if you feel that’s not enough, you could replace the phone entirely.
Lastly, if you find stalkerware apps on your phone, it’s advisable to consult law enforcement and domestic violence advocates on how to proceed.
*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Silviu STAHIE. Read the original post at: https://hotforsecurity.bitdefender.com/blog/ftc-orders-mobilespy-phonesheriff-and-teenshield-vendor-to-destroy-user-data-21682.html