Spyware
Spyware (malware) | |
---|---|
One of many apps from the Google Play Store which secretly installed the Exodus spyware on its victims' phone. | |
Interest of | Security Without Borders |
Spyware is malware intended to report on users' activities and/or exfiltrate their personal data. It is typically hidden inside a legitimate piece of software.
Contents
Functionality
Typical functionality of spyware includes exfiltration of personal data, summaries of device usage such as a list of installed apps, and surreptitious use of hardware devices such as GPS, cameras or microphones.
Origins
Spyware is created and sold on a black market, amongst other actors, by intelligence agencies.[1]
Purposes
Spyware may meet commercial objectives by providing a source of free data about users' behaviour, hardware and software. Of more relevance in the Wikispooks context is spyware which is created to target particular individuals.
Distribution
Distribution of spyware is sometimes targetted, for example to satisfy legal restrictions and/or to try to prevent its discovery. The Exodus spyware was available for download from the Google Playstore from 2016-2019.[1]
Legality
The legal status of spyware is in some countries derived from outdated historical precedents such as manually installed wiretaps. "Using spyware with warrants or a judge's authorization is, generally speaking, legal in most countries in Europe, as well as the United States."[1] However, its non-invasive nature (beyond plausible deniability almost to the point of undetectability) means that -- like the nominal oversight of intelligence agencies -- these restrictions can mean little in practice. After a high profile expose in Vice magazine, the Italian police raided eSurv, producer of the Exodus spyware alleged by legal and technical experts to breaks multiple laws.[2]
An example
Page name | Description |
---|---|
Exodus |
Related Quotation
Page | Quote | Author | Date |
---|---|---|---|
Backdoor | “Every year, we learn about some issue in WhatsApp that puts everything on their users' devices at risk. Which means it's almost certain that a new security flaw already exists there. Such issues are hardly incidental – they are planted backdoors. If one backdoor is discovered and has to be removed, another one is added” | Pavel Durov | 5 October 2022 |