Security News > 2020 > February > KidsGuard stalkerware leaks data on secretly surveilled victims

KidsGuard stalkerware leaks data on secretly surveilled victims
2020-02-24 13:28

KidsGuard comes from a company called ClevGuard that promises that its "Excellent products" will deliver "All the information" from a targeted device, including real-time location, text messages, browser history, photos, videos, recordings of phone calls, keylogger data for every keystroke entered and the app where it came from, and all the data from all the social apps - hopping over the end-to-end encryption of, for example, WhatsApp.

ClevGuard says the app can also be used for iPhones without access to the device if you give it the target's iCloud credentials.

The Android version that TechCrunch and Kottmann checked out also requires that some security features be disabled, such as allowing non-Google approved apps to be installed and disabling Google Play Protect, Google's built-in malware protection for Android.

That leaves KidsGuard to freely siphon photos, videos, recordings of phone calls, and to monitor activity on a slew of apps, including on dating apps such as Tinder.

Whittaker put together a "Detect-and-destroy" guide for identifying and removing KidsGuard from your Android phone, but first, you need to to check whether the app has been installed: Go to Settings > Apps, and see if "System Update Service" is listed.


News URL

https://nakedsecurity.sophos.com/2020/02/24/kidsguard-stalkerware-leaks-data-on-secretly-surveilled-victims/