Because it can be used to follow where you go, who you see, and what you talk about, mobile spyware is one of the most invasive and targeted types of unregulated surveillance. Mobile spyware can be nearly impossible to detect due to its stealthy nature.
However, a Y Combinator-backed firm is developing an app to assist anyone in detecting potential mobile malware on their phones.
Antistalker is an app that monitors the sensors and apps running on a phone (originally for Android only) to detect whether the microphone or camera has been quietly enabled or data is being shared without the user's awareness. Malloc, the firm behind it, is a Cyprus-based early-stage company. Consumer-grade spyware can also take texts, images, online browsing history, and real-time location data from a victim's phone without their knowledge or permission.
Because of the growing threat of malware, both Apple and Google have implemented indicators that show when a device's microphone or camera is being used. However, some of the more elusive and sophisticated spyware, such as that used by governments and nation states, can get past iOS and Android's tougher defenses.
That’s where Antistalker, according to Malloc, comes in. Maria Terzi, Artemis Kontou, and Liza Charalambous, co-founders of Malloc, designed the software around a machine learning (ML) model that allows it to recognize and restrict device activities that may be perceived as spyware capturing or sending data.
Terzi, an expert in machine learning, told TechCrunch that the company trained its ML model with well-known stalkerware apps to imitate real-world monitoring. Rather than depending on the more traditional technique of scanning for signatures of known spyware programs, machine learning lets the software improve its ability to detect a broad range of new and previously undiscovered threats over time.
“We’re already aware of spyware programs. Why don’t we use their actions to create a machine learning model that will spot fresh spyware?” Terzi told TechCrunch.
Because the machine learning model operates on the device, it is more private than transferring data to the cloud. Malloc claims it collects some anonymised data in order to develop the machine learning model over time, allowing the app to detect new dangers as they appear on users’ devices.
The program also searches for unusual app behavior, such as bursts of data transmitted by apps that haven’t been used in days, and allows the user to see which apps have accessed the microphone and camera, as well as when they did so.
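The "burst of data from an app that hasn't been used in days" check can be sketched as a simple rule over per-app daily counters. This is an added example, not Antistalker's code or model: the record layout, the thresholds (`idle_days`, `burst_factor`, `min_bytes`) and the sample data are all assumptions made for illustration.

```python
from dataclasses import dataclass
from statistics import median

@dataclass
class AppDay:                 # hypothetical record: one app's activity on one day
    app: str
    day: int                  # day index within the observation window
    tx_bytes: int             # bytes the app uploaded that day
    foreground: bool          # True if the user opened the app that day

def flag_idle_bursts(records, idle_days=3, burst_factor=10, min_bytes=1_000_000):
    """Return (app, day) pairs where an app unused for idle_days uploaded a burst."""
    by_app = {}
    for r in sorted(records, key=lambda r: (r.app, r.day)):
        by_app.setdefault(r.app, []).append(r)
    alerts = []
    for app, days in by_app.items():
        last_used = days[0].day          # assume idle time counts from window start
        history = []                     # earlier unflagged upload volumes (baseline)
        for r in days:
            if r.foreground:
                last_used = r.day
            idle = r.day - last_used >= idle_days
            baseline = median(history) if history else 0
            # A burst must be large in absolute terms and relative to the app's norm,
            # so steady background sync does not alert.
            burst = r.tx_bytes >= max(min_bytes, burst_factor * baseline)
            if idle and burst:
                alerts.append((app, r.day))
            else:
                history.append(r.tx_bytes)   # keep flagged days out of the baseline
    return alerts

# Constructed sample data: a chat app used daily (big upload while in use), a
# flashlight app opened once that uploads 8 MB six days later, and a backup app
# that is never opened but uploads a steady 5 MB every day.
SAMPLE = (
    [AppDay("chat", d, 50_000_000 if d == 5 else 2_000_000, True) for d in range(7)]
    + [AppDay("flashlight", d, 8_000_000 if d == 6 else 10_000, d == 0) for d in range(7)]
    + [AppDay("backup", d, 5_000_000, False) for d in range(7)]
)

if __name__ == "__main__":
    for app, day in flag_idle_bursts(SAMPLE):
        print(f"ALERT: {app} uploaded a burst on day {day} while unused")
```

Only the flashlight app is flagged: the chat app's spike happens while it is in use, and the backup app's uploads match its own baseline.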