A Review of Mobile Surveillanceware: Capabilities, Countermeasures, and Research Challenges

Anglano, Cosimo
2025-01-01

Abstract

Mobile smartphones are prime targets for sophisticated surveillanceware, designed to covertly monitor specific individuals. While mobile operating systems implement various protection mechanisms, their defenses are frequently bypassed due to risky user behaviors or underlying software flaws, leading to persistent successful attacks. This paper addresses the critical research problem of how targeted mobile spyware can be effectively counteracted, particularly given its pervasive and evolving threat amplified by sophisticated evasion techniques. To contribute to this understanding, we comprehensively review mobile surveillanceware variants, namely stalkerware and mercenary spyware. We also critically review mobile OS protection mechanisms, and we detail how surveillanceware bypasses or exploits them. Our analysis reveals that, despite continuous efforts by mobile operating system and device manufacturers, both Android and iOS platforms struggle to protect devices and users, particularly against sophisticated mercenary spyware attacks, remaining vulnerable to these threats. Finally, we systematically review state-of-the-art countermeasures, identify their shortcomings, and highlight unresolved research challenges and concrete directions for future investigation for enhanced prevention and detection. Crucially, this future research must increasingly leverage artificial intelligence, including deep learning and large language models, to effectively keep pace with and overcome the sophisticated tactics employed by modern spyware.
Files in this item:

File: electronics-14-02763-1.pdf
Access: open access file
Type: Publisher's version (PDF)
License: Creative Commons
Size: 1.71 MB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11579/213522