September 17, 2023

Surveillance apps are becoming more advanced. Here’s what to do if you think you’re being tracked.

Our digital selves are now an established part of our identity. The emails we send, the conversations we have over social media — both private and public — as well as the photos we share, the videos we watch, the apps we download, and the websites we visit all contribute to our digital personas.

There are ways to prevent a government agency, country, or cybercriminal from peeking into our digital lives, for example, by using virtual private networks (VPNs), end-to-end encryption, and browsers that do not track user activity.

However, governments and law enforcement agencies are now taking advantage of sophisticated spyware developed and offered commercially by companies, including NSO groups. It can be extremely difficult to detect or remove when implanted on a device.

This guide will run through different forms of malicious software on your iOS or Android handset, what the warning signs of infection are, and how to remove such pestilence from your mobile devices if it is possible to do so.

How to find and remove advanced spyware from your iOS, Android phone

What is spyware?

Nuisanceware is often bundled with legitimate apps. It interrupts your web browsing with pop-ups, changes your homepage settings by force, and may also gather your browsing data in order to sell it off to advertising agencies and networks. Although considered malvertising, nuisanceware is generally not dangerous or a threat to your core security.

You then have basic spyware. These generic forms of malware steal operating system and clipboard data and anything of potential value, such as cryptocurrency wallet data or account credentials. Spyware isn’t always targeted and may be used in general phishing attacks.

Advanced spyware, also known as stalkerware, is a step-up. Often unethical and sometimes dangerous, this malware is sometimes found on desktop systems, but it is now most commonly implanted on phone. Spyware and stalkerware may be used to monitor emails, SMS, and MMS sent and received; to intercept live calls for the purpose of eavesdropping across standard telephone lines or Voice over IP (VoIP) applications; to covertly record environmental noise or take photos; to track victims via GPS, or to hijack social media apps including Facebook and WhatsApp.

Stalkerware is often downloaded to spy on someone as an individual, such as in cases of domestic abuse.

You then have government-grade commercial spyware. Pegasus is the most well-known recent case, sold as a tool to governments for combating ‘terrorism’ and for law enforcement purposes — but ultimately was found on smartphones belonging to journalists, activists, political dissidents, and lawyers.

The warning signs of attacks

malware-this-phishing-scam-uses-fake-inv-5e3d539d1cb3010001f993a3-1-feb-10-2020-13-00-07-poster.jpg

Phishing is one of the simplest cyber attacks for hackers to carry out – and one of the most effective.

If you find yourself the recipient of odd or unusual social media messages or emails, this may be a warning sign of a spyware infection attempt. You should delete them without clicking on any links or downloading any files. The same goes for SMS content, too, which may contain links to lure you into unwittingly downloading malware.

To catch a victim unaware, these phishing messages will lure you into clicking a link or executing software that hosts a spyware or stalkerware payload. If the malware is being loaded remotely, user interaction is required, and so these messages might try to panic you — such as by demanding payment or pretending to be a failed delivery notice. Messages could potentially use spoofed addresses from a contact you trust, too.

When it comes to stalkerware, initial infection messages may be more personal and tailored to the victim.

Physical access or the accidental installation of spyware by the victim is necessary. However, it can take less than a minute to install some variants of spyware and stalkerware.

If your mobile goes missing and reappears with different settings or changes that you do not recognize — or it has been confiscated for a time — this may be an indicator of tampering.

How do I know when I’m being monitored?

Surveillance software is becoming more sophisticated and can be difficult to detect. However, not all forms of spyware and stalkerware are invisible, and it is possible to find out if you are being monitored.

Android

A giveaway on an Android device is a setting that allows apps to be downloaded and installed outside of the official Google Play Store.

If enabled, this may indicate tampering and jailbreaking without consent. Not every form of spyware and stalkerware requires a jailbroken device, though.

This setting is found in most modern Android builds in Settings > Security > Allow unknown sources. (This varies depending on device and vendor.) You can also check Apps > Menu > Special Access > Install unknown apps to see if anything appears that you do not recognize, but there is no guarantee that spyware will show up on the list.

Some forms of spyware will also use generic names and icons to avoid detection. If a process or app comes up on the list you are not familiar with; a quick search online may help you find out whether or not it is legitimate.

iOS

iOS devices that aren’t jailbroken are generally harder to install with malware unless a zero-day exploit is used. However, the presence of an app called Cydia, which is a package manager that enables users to install software packages on a jailbroken device, may indicate tampering (unless you knowingly downloaded the software yourself).

Other signs

You may experience unexpected handset battery drain, overheating, and strange behavior from the device’s operating system or apps.

Surveillance without consent is unethical. In domestic situations, it causes a severe imbalance in power. If your sixth sense says something is wrong, listen to it. A physical object is not worth sacrificing your privacy and personal security.

Should your device become compromised, take back control of your right to privacy — whether or not this means replacing your handset entirely — but only if your physical safety isn’t being threatened. In those cases, you should contact the authorities and investigators rather than tamper with your handset.

How can I remove spyware from my device?

By design, spyware and stalkerware are hard to detect and can be just as hard to remove. It is not impossible in most cases, but it may take some drastic steps on your part. Sometimes the only option may be to abandon your device.

When removed, especially in the case of stalkerware, some operators will receive an alert warning them that the victim’s device has been cleaned up. Should the flow of your information suddenly stop, this is another clear sign that the malicious software has been removed.

Do not tamper with your device if you feel your physical safety may be in danger. Instead, reach out to the police and supporting agencies.

Now, here are some removal options:

  1. Run a malware scan: There are mobile antivirus solutions available that can detect and remove spyware. This is the easiest solution available, but it may not be effective in every case. Cybersecurity vendors, including MalwarebytesAvast, and Bitdefender, all offer mobile spyware-scanning tools.
  2. Change your passwords: If you suspect account compromise, change the passwords of every important account you have. Many of us have one or two central ‘hub’ accounts, such as an email address linked to all of our other services. Remove access to any ‘hub’ services you use from a compromised device.
  3. Enable two-factor authentication (2FA): When account activity and logins require further consent from a mobile device, this can also help protect individual accounts. (However, spyware may intercept the codes sent during 2FA protocols.)
  4. Consider creating a new email address: Known only to you, the new email becomes tethered to your main accounts.
  5. Update your OS: It may seem obvious, but when an operating system releases a new version, which often comes with security patches and upgrades, this can — if you’re lucky — cause conflict and problems with spyware. Keep this updated.
  6. Protect your device physically: A PIN code, pattern, or enabling biometrics can protect your mobile device from future tampering.
  7. If all else fails, factory reset… or junk it: Performing a factory reset and clean install on the device you believe is compromised may help eradicate some forms of spyware and stalkerware. However, make sure you remember to back up important content first. On Android platforms, this is usually found under Settings General Management > Reset > Factory Data Reset. On iOS, go to Settings > General > Reset.

Unfortunately, some stalkerware services may survive factory resets. So, failing all of that, consider restoring to factory levels and then throwing your device away.

An open source project developed by Amnesty International, MVT (Mobile Verification Toolkit) is a cyber forensics package able to scan for advanced spyware on mobile devices. However, this is most suited to investigators.

What about advanced spyware?

Government-grade spyware can be more difficult to detect. However, as noted in a guide on Pegasus published by Kaspersky, there are some actions you can take to mitigate the risk of being subject to such surveillance, based on current research and findings:

  • Reboots: Rebooting your device daily to prevent persistence from taking hold. The majority of infections have appeared to be based on zero-day exploits with little persistence and so rebooting can hamper attackers.
  • Disable iMessage and Facetime (iOS): As features enabled by default, iMessage and Facetime are attractive avenues for exploitation. A number of new Safari and iMessage exploits have been developed in recent years.
  • Use an alternative browser other than Safari, default Chrome: Some exploits do not work well on alternatives such as Firefox Focus.
  • Use a trusted, paid VPN service, and install an app that warns when your device has been jailbroken. Some AV apps will perform this check.

It is also recommended that individuals who suspect a Pegasus infection make use of a secondary device, preferably running GrapheneOS, for secure communication.

What are Google and Apple doing about this problem?

Google and Apple are generally quick to tackle malicious apps which manage to avoid the privacy and security protections imposed in their respective official app stores.

Several years ago, Google removed seven apps from the Play Store that were marketed as employee and child trackers. The tech giant took a dim view of their overreaching functions — including GPS device tracking, access to SMS messages, the theft of contact lists, and potentially the exposure of communication taking place in messaging applications. Google has also banned stalkerware ads. However, some apps still apparently slip through the net.

When it comes to Apple, the firm has cracked down on parental control apps, citing privacy-invading functions as the reason for removal. The company offers its own parental device control service called Screen Time for parents who want to limit their child’s device usage. Furthermore, the company does not allow sideloading, a practice Apple says stops mobile threats from proliferating in the iOS ecosystem.

12 thoughts on “How to check and stop spyware on your phone

  1. Do you need hackers for hire? Do you need to keep an eye on your spouse by gaining access to their emails? As a parent do you want to know what your kids do on a daily basis on social network (This includes Facebook, Twitter, Instagram, Whatsapp, Wechat and other to make sure they’re not getting into trouble? Whatever it is, Ranging from Bank Jobs, Flipping cash, Criminal records, DMV, Taxes, Name it, he can get the job done. his a professional hacker with 10 years+ experience, Contact him at Gmail Henryclarkethicalhacker@gmail.com.. send an email and Its done. Its that easy.

    1. Contact him for any type of hacking, he is a professional hacker that specializes in exposing cheating spouses, and every other hacking related issues. he is a cyber guru, he helps catch cheating spouses by hacking their communications like call, Facebook, text, emails, Skype, whats-app and many more. I have used this service before and he did a very good job, he gave me every proof I needed to know that my fiancee was cheating. You can contact him on his email to help you catch your cheating spouse, or for any other hacking related problems, like hacking websites, bank statement, grades and many more. he will definitely help you, he has helped a lot of people, contact him on, Henryclarkethicalhacker@gmail.com, and you can Text/Call &WhatsApp: +1 (262)-236-7526, and figure out your relationship status. I wish you the best.

    2. Some time ago, I noticed my spouse cheating on me, but don’t know how to come out with the fact that truly he’s cheating on me. Then i felt so worried and distracted about it, i couldn’t sleep at night and to confront him was quite difficult because i don’t have any evidence whatsoever. until I read a testifier about HENRY HACKER. I contacted him and I was able to get the truth that my spouse is cheating on me, by the help of remote access he gave me so that I was able to monitor his daily activities on his cellphone then I was able to confirm that truly he’s cheating on me. You can also contact him on gmail. Henryclarkethicalhacker@gmail.com and you can also whatapp on +1262-236-7526.

    3. Hello Guys, I just completed my divorce with my cheating husband of 10 years with two beautiful kids when i got a solid evidence of his unfaithfulness on extra marital affairs and his infidelity lifestyle, And the various applications he used to hide chats and a lot of secrets on his cell phone. Then, I decided to hire (Henry clark) an hacker and a PI just to be 100% sure because I don’t want to confront him or take any kinda step without proof, fact and figures because that could leads to defamation… It was with this great, honest, professional and trustworthy Man i got to know my husband is a professional cheater and has been using this app to hide most of his chats. This great hacker helped me broke to into his cell phone activities and wired everything he does on his cell phone directly to my phone and i was able to monitor and track him directly from my phone remotely without him knowing,
      Contact the Ethical hacker via email, Henryclarkethicalhacker@gmail.com you can also reach him on Whatsapp 12622367526..

    4. My husband has been frequently deleting all messages for the last couple of days from his phone and he didn’t know i was peeping at him, then i asked him why he was deleting all messages from his phone but he claimed that his phone memory was full and needed more space. Immediately I went in search of a hacker who can get me deleted information and contents from my husband’s phone and luckily for me i came across this reputable ethical hacker Mr Henry, this hacker got the job done for me and provided me with results and i saw that my husband has been lying to me. He was simply deleting all pictures, call logs, chats and text messages between him and his secret lover so i wont get to see what he has been doing at my back. Thank God for reputable hackers who are ready to help. I must say I am really impressed with the services I got from The Hacker Detective and am here to say a very big thank you: contact him on Henryclarkethicalhacker@gmail.com or on WhatsApp +1(262)236-7526.

  2. My husband has been frequently deleting all messages for the last couple of days from his phone and he didn’t know i was peeping at him, then i asked him why he was deleting all messages from his phone but he claimed that his phone memory was full and needed more space. Immediately I went in search of a hacker who can get me deleted information and contents from my husband’s phone and luckily for me i came across this reputable ethical hacker Me Fred, this hacker got the job done for me and provided me with results and i saw that my husband has been lying to me. He was simply deleting all pictures, call logs, chats and text messages between him and his secret lover so i wont get to see what he has been doing at my back. Thank God for reputable hackers who are ready to help. I must say am really impressed with the services i got from The hacker Detective and am here to say a very big thank you: contact him on fredvalcyberghost@gmail.com and you can text, call him on +1423)641 1452

  3. This is my advice to anyone who wants to hack a phone, do not pay for spy apps if you don’t have access to the phone. I wish I knew this sooner, I would not have spent so much on different spy apps. It took sometime before I finally found a way to hack my husband’s phone without having access to it. I mentioned my fears and insecurities to a friend and she recommended Henry Clark to me, This hacker provided a service that allows me to monitor his calls and conversations. I haven’t decided on what to do yet. I don’t think I can continue in this marriage. He is cheating on me.contact him here for help, via, Henryclarkethicalhacker@gmail.com,
    Whatsapp him on,+12622367526..

  4. I emailed the hacker company twice because I suspect my husband is cheating on me with no response and this makes me worried,Well I finally cried to Mrs Kate who gave me more updates about Mr Henry on his private wizard from youtube. I was told to contact the hacker and his terms and Conditions were very I haven’t cheated on my clients before and I will never do it.h him.I have full details of my husband Facebook also his cell phone and i found out my husband his loyal doesn’t cheat on me and the babies.Email the wizard and get more info about him for a legit job too. Contact his gmail here, Henryclarkethicalhacker@gmail.com, and you can text, call, WhatsApp +1773-609-2741, or +1201-430-5865, He would surely help.

  5. Henryclarkethicalhacker at Gmail .. com is the best professional personnel and I was looking online and saw lot of recommendation Henryclarkethicalhacker@gmail.com, on Whatsapp, call, text +17736092741, or +1201-430-5865, , which prompt to contact him directly to his mail. I knew he had helped a lot of people so I needed help ASAP before I died of heartbreak and emotional trauma. My wife was cheating with her boss and this is not something I used to be happy with. I need access to her WhatsApp and Snapchat which he did provide me access to. I was quick to judge but all was okay. I want to use this measure to give him more recommendations.

  6. Hello everyone, I would like to share my story with you all because I believe it would be of help. I just got over my divorce tussle that went on for almost two years, I filed for divorce because I knew he was cheating but I had no evidence to back up my claim. Long story short I decided to check online if I could have access to another person’s phone without touching or installing any software on it and I met this guy Thomas and I was very shocked because I got all the info including deleted ones. If you would like to get in touch with him, send him a mail; Henryclarkethicalhacker@gmail.com and you can Whatsapp him on +17736092741, or 12014305865, tell him I refer you.

  7. I have dedicated my time to do these although am not supposed to be doing but the laudable job Henry did for me worth more than what i paid for,l have never dream of getting my husband phone call details and receiving his whatsapp and text messages(not even anytime soon).The day i started receiving all his messages that was the day l promised to come back to where l saw recommendation about him and join the good people to spread and share my experience. Married women pls contact him via email: Henryclarkethicalhacker@gmail.com and you can text, call him on whatsapp him on +12014305865, or +17736092741, and be saved from the bondage subjected by those selfish men.

Leave a Reply