Consumer-grade spyware apps that secretly monitor private messages, photos, phone calls and real-time locations are an ongoing problem for Android users.
This guide will help you identify and remove popular surveillance apps from your Android phone, such as Thetruthspy, Cocospy, Spyic.
Consumer grade spyware apps are frequently sold in the guise of child surveillance or family tracking software, but for their ability to track and monitor partners and spouses without consent, they are available in the “stalkerware” and “spouseware” It is called “. These spyware apps are downloaded from outside the Google Play App Store, planted on phones without permission, and disappear from the home screen to avoid detection.
The Stalkerware app is a built-in Android feature that is normally used by businesses to remotely manage employee work phones or snoop someone's device using Android's accessibility mode. It depends on abuse.
Even if your phone is not actively using it, you may notice that your phone is operating abnormally, running warmer than normal, and using a large amount of network data.
Checking if your Android device is compromised is quick and easy.
Before you begin
It is important to have a safety plan and reliable support installed if necessary. Keep in mind that removing spyware from your phone will alert those who plant it and can lead to unsafe situations. The Coalition against Stalkerware provides advice and guidance to Stalkerware victims and survivors.
Please note that this guide will only help you identify and remove spyware apps and will not delete any already collected data and upload it to the server. Additionally, some versions of Android may have slightly different menu options. As any advice is standard, you follow these steps at your own risk.
Make sure Google Play Protect is turned on
Make sure Google Play Protect, a security feature for Android phones, is enabled. Image credits: TechCrunch / Getty Images
Google Play Protect is the best way to protect against malicious Android apps by screening apps downloaded from Google's App Store and downloading them from external sources for signs of potentially malicious activity It is one of the safeguards of the These protections will no longer work when Play Protect is turned off. It's important to make sure Play Protect is turned on and check for malicious app behavior and scans.
You can check that Play Protect is enabled through the Play Store app settings. You can also scan for harmful apps if the scan is not already running.
Check if the accessibility service has changed
Stalkerware relies on deep access to devices to access data and is known to exploit Android's accessibility mode. This requires broader access to the data of screen readers and other accessibility features by design.
Android users who do not use accessibility apps or features should not display the app in this section of Android Settings.
If you are not aware of the service that was downloaded in the Accessibility Options, we recommend turning it off in Settings to remove the app. Some stalkerware apps are disguised as normal-looking apps and are often referred to as “accessibility”, “device health”, “system services”, or other harmless sound names.
Android Spyware often abuses by incorporating accessibility features. Image credit: TechCrunch
Check app access to notifications
Similar to the accessibility feature, Android also allows you to access and read incoming notifications, such as the smart speakers can read alerts loudly, just as they can display notifications on the dashboard. Allow notification access to the Stalkerware app allows for persistent monitoring of notifications, including message content and other alerts.
You can see which apps have access to notifications by checking Android notification access settings under Special App Access. Some of these apps, like Android Auto. You can turn off notification access for unrecognized apps.
Spyware taps to Notification Access to read user messages and other alerts. Image credit: TechCrunch
Check if the device management app is installed
Another feature commonly abused by Stalkerware is Android's device management options, which are similar but even broader access to Android devices and users' data.
Device management options are typically used by businesses to remotely manage employee phones, such as wiping phones in the event of device theft to prevent data loss. However, these features allow the Stalkerware app to snoop data from your Android display and device.
Unrecognized items in the device administrator app settings are a general indicator of phone compromise. Image credit: TechCrunch
Under Security, you can find the device administrator app settings in Settings.
Most people don't have a device management app on their personal phones, so if you see an app that you don't recognize, go to “System Services”, “Device Health”, “Device Management.”
To uninstall, check the app
You may not see the home screen icon in any of these Stalkerware apps, but they will appear in the app list on your Android device.
You can view all the apps installed in Android settings. Look for unrecognized apps and icons. These apps also show you that you have extensive access to calendars, call logs, cameras, contacts and location data.
Spyware apps are designed to blend in with popular name names and icons. Image credit: TechCrunch
Stopping and uninstalling the Stalkerware app can warn those who planted Stalkerware that the app no longer works.
Protect your device
If your phone has Stalkerware planted, it is entirely possible that the phone is unlocked, unprotected, or screen locking has been guessed or learned. A stronger lock screen password will help protect your phone from intruders. You should also use two-factor authentication whenever possible to protect your email and other online accounts.
If you or someone you know needs help, the domestic domestic violence hotline (1-800-799-7233) is secretly available to victims of domestic abuse and violence 24/7 We provide support for. If you are in an emergency, call 911. If you think your phone is compromised by Spyware, then the federation against Stalkerware has resources.