If you can’t beat them on the battlefield, beat them in cyberspace. Israel has accused Hamas of creating a fake dating app and targeting both male and female Israeli soldiers to download the app.
Once installed, the app has the ability to see the soldier’s location, contact list and to use the phone as a listening device and camera.
The app targeted Android phone users, likely because that was easier to do. This is apparently the second generation of a surveillance app and is more sophisticated than the earlier app. The user granted the app the permissions to do all of these things, which sort of makes sense for a dating app.
In an effort at spin control, the Israeli Defense Force said that the apps had failed to do any security damage at all, saying that some soldiers had refused to download the app and reported it to superiors. They did admit that some soldiers had downloaded and installed the app.
In another situation, researchers at Northeastern University ran a small experiment to try and detect if their phones were eavesdropping on them.
They took what amounts to a tiny sample of apps – 17,000 out of millions – to see if the phone’s microphone was activated. Out of this small sample, they didn’t find any.
What they did find, however, may be more disturbing.
They discovered that many of these apps were sending screenshots of the phone to third party domains and also video recordings of the user’s interaction with the apps. There is only a very tiny step from there to listening to you in general.
The fact that these apps were doing this was not obvious to a normal user.
Given this, what do you do?
First, and you are not going to like this, read the user license agreement. While only some of the apps that secretly recorded screenshots and video disclosed the fact in their license agreement, some of them did disclose it.
Second, if you are no longer using an app, uninstall it. If the app is not there, it is hard to eavesdrop.
Finally, be cautious about installing apps. Some people never met an app that they couldn’t use. Being selective is probably just smart.
This, apparently, is both an Android and iPhone problem as some of the frameworks that mobile apps are built on top of intentionally offer this screen and video capture. At least one vendor, Appsee, said they their developers are violating their license agreement by capturing user data without permission. Once they were outed by the media, they disabled the video capture for a single app and feel a lot better about themselves. Google also says this violates the Play store agreement. Gee, I am sure that any hacker would be scared about that.
Other software platforms may not even care.
Until Google and Apple give you the ability to absolutely, positively know if your data is being captured, you have something else to be concerned about.