We reported today on KidsGuard, a powerful mobile spyware. Not only is the app secretly installed on thousands of Android phones without the owners 'approval, it also leaves a server open and unprotected, making the data extracted from the victims' infected devices accessible to the Internet.
This spyware for end users is also known as "stalkerware". It is often used by parents to monitor their children, but too often it is used to spy on a spouse without their knowledge or consent. These spy apps are prohibited in the Apple and Google app stores. However, these bans have done little to curb the proliferation of these privacy-invading apps that read a victim's messages, listen to their phone calls, track their locations in real time, and steal their contacts, photos, videos, and everything else on theirs phones.
Stalkerware has been so slandered by data protection experts, security researchers and lawmakers that antivirus manufacturers have promised to do more to better detect the spyware.
theinformationsuperhighway has received a copy of the KidsGuard app. We tested the functions of the spyware with a burner Android phone with sealed microphones and cameras. We also uploaded the app to VirusTotal, the online malware scanning service that runs uploaded files against dozens of different antivirus companies. Only eight antivirus engines have flagged the example as malicious – including Kaspersky, member of the Coalition Against Stalkerware, and F-Secure.
Yoong Jien Chiam, a researcher at F-Secure's Tactical Defense department, analyzed the app and found that it could get "GPS locations, account names, on-screen screenshots, keystrokes, and access to photos, videos, and browsing history".
The developer of KidsGuard, ClevGuard, does not make it easy to uninstall the spyware. However, this quick guide can help you determine if the spyware is on your device and how to remove it.
Before you continue, some versions of Android may have slightly different menu options. The following steps are carried out at your own risk. This will only remove the spyware and will not delete any data uploaded to the cloud.
How to identify the spyware
If you have an Android device, go to the settings > AppsThen scroll down and check if "System Update Service" is listed. This is what ClevGuard calls the app in order to disguise it from the user. If you see it, it is likely that you are infected with the spyware.
First remove the spyware as the "device administrator".
Go to the settings > safety, then device administrators Then uncheck the "System Update Service" checkbox and click "Disable".
Then remove the "usage access" of the app.
Now go back to the settings > safety Then scroll to Apps with usage access. Tap here on "System Update Service" and switch off the switchover point for the authorization use.
Also remove the "notification access" of the spyware.
Once that is done, go back to the settings > Sound & notification then go to notification Access. Now switch off the switch for "System Update Service".
You can now uninstall the spyware from your device
After these steps, you have effectively deactivated the spyware. Now you can uninstall it. Go to the settings > Apps and scroll down to "System Update Service". You should be able to press Uninstall, but you may have to press Force stop first. tap okay to uninstall the app. It may take a few minutes.
Back up your device again
After you have spyware installed on your device, you need to activate some settings that have been deactivated when your device was first infected. First go back to the settings > safety Then turn the switch off Unknown sources, Second, go to Load game > Play Protect, If you have the option, choose turn on, Once it is on, you should check that it "looks good".