Anti-Virus Software Lags in stalkerware Detection, EFF Test Reveals

Published: 2025/11/06 20:05:53

A recent test conducted by the Electronic Frontier Foundation (EFF) reveals critically important shortcomings in the ability of popular anti-virus (AV) software to detect stalkerware – software used to monitor and control another person without their knowledge or consent. The findings highlight a critical gap in digital safety and privacy protection, and the EFF hopes the results will spur anti-virus companies to improve their detection capabilities.

What is Stalkerware?

Stalkerware encompasses a range of software, often marketed as parental control or employee monitoring tools, that can be secretly installed on devices to track location, monitor communications (texts, emails, calls), access photos, and even control the device’s camera and microphone. It is frequently used in abusive relationships to exert power and control over victims. Unlike customary malware,stalkerware is frequently enough legally manufactured and sold,making detection more challenging for security software.The EFF provides a detailed explanation of stalkerware and its dangers.

The EFF’s testing Methodology

The EFF tested 25 anti-virus products against a suite of 15 stalkerware applications. The test focused on whether the AV software identified these applications as unwanted or malicious. The tested products included well-known names like Avast, Bitdefender, McAfee, Norton, and others. The EFF used a virtual machine environment to ensure the safety of their testing process and prevent any potential harm to real devices.

Key Findings of the Test

The results were concerning. The EFF found that, on average, anti-virus software only detected approximately 40% of the stalkerware applications tested. No single anti-virus product detected all 15 applications. Some products detected a significant portion of the stalkerware, while others detected very little. The full test results (PDF) provide a detailed breakdown of each product’s performance.

Why is Detection So Challenging?

Several factors contribute to the difficulty of detecting stalkerware. These applications are often legitimately developed and sold, blurring the line between legitimate monitoring tools and abusive surveillance. Stalkerware developers frequently update their software to evade detection, and some employ techniques to disguise their activities. Furthermore,anti-virus companies may prioritize detecting traditional malware threats over stalkerware,given the broader impact of the latter.

Implications and Future Steps

The EFF’s findings underscore the urgent need for improved stalkerware detection capabilities in anti-virus software. The lack of effective detection leaves individuals vulnerable to covert surveillance and abuse. The EFF believes that exposing these detection gaps will encourage anti-virus companies to prioritize this issue and invest in more robust detection methods.

Key Takeaways:

• Anti-virus software currently has limited ability to detect stalkerware.
• On average, AV software detected only 40% of the tested stalkerware applications.
• Stalkerware is often legally sold, making detection more complex.
• Improved detection is crucial for protecting individuals from domestic abuse and privacy violations.

The EFF recommends that individuals concerned about potential stalkerware on their devices utilize a combination of technical tools and safety practices, including regularly reviewing installed applications, using strong passwords, and being cautious about clicking on suspicious links.Resources like the Digital Defence Fund and the National Domestic Violence hotline offer guidance and support for individuals experiencing digital abuse.