Mobile espionage is the practice by which a threat actor stealthily gathers data about a target via their smartphone. Data captured may include audio snippets, pictures, videos, device locations, files and any communications coming into or leaving the device.
Spyware is the mechanism by which mobile espionage is conducted. To remotely install spyware on the target’s smartphone, a threat actor may use social engineering (e.g., sending a text message containing a link to a malicious site) or a zero-click attack. Once successfully installed, the operator can, depending on the spyware’s capabilities, remotely activate the device’s cameras and microphones, track the phone’s location, access files stored on the device, read text messages and more.
Given that a smartphone is nearly always in the target’s presence and typically contains not just sensitive data but the means to gather such data, mobile espionage is a particularly invasive form of intelligence gathering. The smartphone effectively becomes a bug that records conversations and other audio in the vicinity of the device, a spy camera that captures people, places and things, and a tracker that logs locations and movements.
Within the trove of intelligence collected from a phone, valuable nuggets of information can be revealed. However, even benign pieces of information can be stitched together with other findings – including those derived from traditional espionage or open-source intelligence – to reveal a larger truth.
The threat actor can leverage the insights gleaned via mobile espionage in a number of ways. Key risks to users include the following.
Software-based security is generally overmatched in the battle against advanced spyware. As such, we recommend that users act as if their smartphone has already been compromised. This means limiting the data ultimately available to spies. We recommend using SafeCase™ – our smartphone-coupled security device – to deny audio and video capture. And in instances where location privacy is warranted, we recommend using Vault™, our two-in-one RF shielding and audio masking device.