Alleged TikTok ‘Skyrim IRL’ Murders Shows the Real Danger of Stalkerware

Ali Nassar Abulaban, who makes “Skyrim IRL” TikToks, allegedly installed an app on his daughter's iPad to listen to conversations in an apartment.
Image: JinnKid Youtube
Screen Shot 2021-02-24 at 3
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.

Last week Ali Nassar Abulaban, a popular TikTok and other social media personality with over a million followers combined across his accounts, allegedly murdered his wife and a man. Abulaban is particularly popular from his “Skyrim IRL” series, in which he depicts how characters from the Bethesda Studios fantasy world would act in real life.

Abulaban allegedly murdered Ana Abulaban, 29, and friend Rayburn Barron, 28, after he listened to them through an app he had surreptitiously installed on his daughter’s iPad that allowed him to monitor what was happening around the device, according to multiple media reports. On Thursday morning, Abulaban allegedly vandalized the couple’s home and installed the app, NBC 7 San Diego reported, citing prosecutors. The New York Post added that Abulaban was later specifically “listening” through the app and heard his wife and Barron talking and laughing. That’s when he returned to the apartment and allegedly shot both of them, the reports said.


This episode starkly shows the real-world threat of stalkerware, software that is installed on victim devices to listen, track, or surveil them and others. But it also highlights the risk more specifically of family monitoring apps; software that may be marketed more for keeping tabs on children, but which can play a more sinister role in domestic violence.

“It is very common for the abuser to use the child's devices as a way of spying on the survivor,” Eva Galperin, director of cybersecurity at activist organization the Electronic Frontier Foundation, who has worked to apply pressure on the stalkerware industry, told Motherboard in a phone call. “The advantage of spying on the child's device is that even if abuser doesn't have physical access to the survivor's device, they will eventually have access to the child's device, entirely alone, unquestioned. Frequently, they often have the administrative power over that device. And sometimes they are even the owner of that device.”

Do you know about any other ways abusive partners are leveraging technology? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email

The sort of stalkerware that more blatantly advertises itself as a tool for tracking cheating spouses is more often than not made for Android phones. This is because Android lets users sideload software; that is, directly install an application rather than sourcing it through the official Google Play Store. Many stalkerware apps are not on the Play Store itself, meaning companies direct users to download the app from their own website or via a file sharing service and then to "sideload" it onto their device by installing the APK file directly.


But the app Abulaban used was for an iPad, according to the reports and others. Unless the daughter’s iPad happened to be jailbroken, which is possible but generally unlikely, that means that app likely would have been downloaded from the official Apple App Store. Apple does not allow obvious stalkerware on its platform. It does, however, allow various child monitoring tools, some of which have similar capabilities to explicit stalkerware and which can be used to monitor the user of the device.

When asked what app Abulaban used, Tanya Sierra, public affairs officer at the San Diego County District Attorney’s Office, told Motherboard in an email she could not discuss the facts or evidence of the open case.

Beyond the question of whether parents should use child monitoring in the first place, if the app Abulaban used was one of these tools, it does show how such a technology can be used even if its marketing is not geared towards these sorts of abuses. It also shows the real and potentially violent outcomes of domestic abuse, and more specifically of cellphone and device monitoring done by an abusive partner. For years, experts in the cybersecurity industry did not take stalkerware particularly seriously, in part because it was not the most interesting research area on a technical level. That has changed in recent years, but stalkerware and device monitoring more generally remains a tool used by domestic abusers; what is alleged to have happened with Abulaban is a nightmare, and a worst-case scenario.

Update: This piece has been updated to include comment from Eva Galperin.

Subscribe to our cybersecurity podcast CYBER, here. Subscribe to our new Twitch channel.