Data Trackers

A data tracker is a piece of software or service whose task is to gather information on a specific aspect. Data trackers are usually implemented to gather information on the person using the application, on how they use it, or on the device being used. Trackers are used in various ways such as to report application crashes, to identify, to analyze, to build your digital profile to provide targeted ads, and to determine your location.

Antistalker detects and flags data trackers through its data monitoring functionality. Once communication to a data tracker is detected, the communication is flagged with this icon 🤖 . The user may click on a detection to find out what sort of information the tracker is collecting

📈 Analytics: these trackers are meant to collect data usage to allow the developer to understand their audience and which features are mostly used.

👤 Profiling: these trackers’ goal is to gather as much information as possible on the application user in order to build a virtual profile. To this effect, the tracker will for instance focus on the browsing history, or on the list of installed applications, and so on.

🛍 Advertisement: these trackers aim to identify the user’s interest in order to serve them targeted ads.The goal of the creator of such a tracker is to generate revenue from their application.

🗺 Location: these trackers are designed to determine the geographical location of the mobile device. This is often accomplished with direct access to the GPS module or indirectly through inference.

💥 Crash Reporting: these trackers collect information regarding application crashes. Their goal is to notify application developers that an app encountered a problem so that they may create fixes in future updates.

🆔 Identification: these trackers are responsible for determining your digital identity. This identity may refer to an official identity or to abstract identifiers (pseudonym, etc.). The goal will be, for example, to be able to correlate an individual’s online and offline activities.

Sources: Exodus, Binns et al.


Stalkerware is monitoring software or spyware that is used for cyberstalking. Stalkerware also includes parental control and find my phone applications. These applications have powerful surveillance functions such as making screenshots, monitoring of Internet activity, recording of location, recording video and audio, and typically the user is not notified about being monitored.

Antistalker detects and flags stalkerware through its data monitoring functionality. Once communication to a stalkerware service is detected, the communication is flagged with this icon 👁 .

Suspicious Communication

Antistalker also detects communication with suspicious domains and services. Communication with a suspicious target should be avoided and may involve a privacy threat. Domains in this category include domains used by Command & Control (C&C) servers C&C servers usually orchestrate attacks or execute commands on infected devices. Suspicious communications are flagged with the 🚨  icon.


In addition to the work we do at Malloc, below you may find information relevant to additional resources we use to build an extensive knowledge base to provide our users with useful indicators.