Consumer-grade spy apps that secretly and always monitor your private messages, photos, phone calls and site in real time are a growing problem for Android users.

This guide will show you how to discover and remove popular monitoring apps from your Android phone, including TheTruthSpy, KidsGuard, and other apps.

Consumer spy apps are sometimes sold under the guise of kid or family monitoring software, but are referred to as “stalkerware” and “spouseware” due to their ability to track and monitor partners or spouses without their consent. These spy apps are downloaded from outside the Google Play app store, installed on the phone without the person’s consent, and infrequently disappear from the house screen to avoid detection.

Stalkerware apps use built-in Android features which are typically utilized by firms to remotely manage worker work phones or use Android’s availability mode to spy on someone’s device.

You may notice that your phone is acting unusually, running hotter or slower than usual, or using loads of network data, even if you’re not actively using it.

Checking if your Android device has been tampered with can be done quickly and simply.

Before you begin

It’s vital to have a security plan and reliable support in the event you need it. Remember that removing spyware from your phone will likely alert the one that placed it, which could create a dangerous situation. The Coalition Against Stalkerware offers advice and guidance for victims and survivors of stalkerware.

Please note that this guide only helps you discover and remove spyware applications, and doesn’t remove data that has already been collected and uploaded to servers. Additionally, some versions of Android may have barely different menu options. As at all times with any advice, you follow these steps at your own risk.

Check your Google Play Protect settings

Google Play Protect is among the finest anti-malicious app protections on Android, checking apps downloaded from the Google app store and third-party sources for signs of probably malicious activity. These protections stop working if you turn off Play Protect. It’s vital to turn on Play Protect to be certain that it’s working and scanning for malicious apps.

You can check whether Play Protect is enabled within the Play Store app settings. You may also scan for malicious applications in the event you have not already scanned.

Verify that Accessibility Services has not been affected

Stalkerware uses deep device access to access data and has been known to abuse Android Accessibility Mode, which by design requires more extensive access to the operating system and data for screen readers and other accessibility features to function.

Android users who don’t use apps or accessibility features mustn’t see any apps of their Android settings.

If you do not recognize the downloaded service in your accessibility options, you possibly can disable it in your settings and delete the app. Some stalkerware apps disguise themselves as normal-looking apps and are sometimes called “Accessibility”, “Device Status”, “System Service” or other innocuous-sounding names.

Android spyware often abuses built-in accessibility features. Image credits: TechCrunch

Check your access to notifications

Like accessibility features, Android also allows third-party apps to access and skim incoming notifications, corresponding to allowing smart speakers to read alerts aloud or display in-automotive notifications on the dashboard. Granting notification access to the Stalkerware app allows you to always monitor your notifications, including messages and other alerts.

You can check which apps have access to your notifications by checking your Android notification access settings under Special app access. You may recognize a few of these apps, corresponding to Android Auto. You can turn off notification access for any app you do not recognize.

Spyware uses access to notifications to read user messages and other alerts. Image credits: TechCrunch

Advertisement

Check if the device administration application is installed

Other features often abused by stalkerware include Android Device Administrator options, which give similar but even broader access to Android devices and user data.

Device administrator options are typically utilized by firms to remotely manage their employees’ phones, for instance to wipe the phone if the device is stolen to prevent data loss. But these features also allow stalkerware apps to spy on your Android display and device data.

An unrecognized item in your device’s admin app settings is a standard indicator that your phone has been compromised. Image credits: TechCrunch

You can find the device administrator app settings in Settings within the Security section.

Most people do not have a tool administration app on their personal phone, so be wary in the event you see an app you do not recognize with a similarly vague and confusing name, corresponding to “System Service,” “Device Health,” or “Device Administrator.”

Check for apps to uninstall

The icon for any of those stalkerware apps may not be visible on your home screen, but they are going to still appear within the app list on your Android device.

You can see all installed apps in Android settings. Look for apps and icons you do not recognize. These apps may also appear as having broad access to your calendar, call logs, camera, contacts, and site data.

Spyware applications are designed to mix in with generic-looking names and icons. Image credits: TechCrunch

Advertisement

Forcefully stopping and uninstalling a stalkerware application will likely notify the one that installed the stalkerware that the applying isn’t any longer working.

Secure your device

If you have got stalkerware installed on your phone, there may be a high likelihood that your phone has been unlocked, unprotected, or that the screen lock has been guessed or known. A stronger lock screen password can assist protect your phone from intruders. You also needs to protect your email and other online accounts by utilizing two-factor authentication when possible.

Read more on TechCrunch: