Abstract: The disclosed computer-implemented method for mitigating stalkerware by rendering it useless is performed, at least in part, by a computing device comprising at least one processor. The method includes detecting, by the at least one processor in accordance with a security configuration of the computing device, a stalkerware application running in a foreground of the computing device. The method also includes overlaying, by the at least one processor in accordance with the security configuration, the stalkerware application with a window in response to the detecting. The method further includes performing a security action by intercepting one or more user inputs to the stalkerware application via the window, thereby preventing user configuration of the stalkerware application. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for detecting unauthorized use of an application may include (1) receiving, by the computing device, fingerprint data associated with a fingerprint, where the fingerprint data is received from the touchscreen, when a user interface of the application is displayed on the touchscreen, and in an absence of displaying a request for fingerprint data on the touchscreen, (2) comparing the received fingerprint data to a whitelist of authorized fingerprint data to determine a presence of a match, where the authorized fingerprint data indicates at least one fingerprint of at least one user that is authorized to access the application and (3) performing, when the received fingerprint data does not match the whitelist of authorized fingerprint data, a security action. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Methods and systems are provided for preventing the installation of malicious applications using system-level messages. One example method generally includes intercepting a request sent via an operating system of the computing device; determining the request is to access an application in a remote application repository; obtaining information associated with the application from the request; transmitting, over a network, the information to a security server; and receiving, over the network, a security recommendation for the application from the security server.