Do you think someone might be spying on your phone?
Stalkerware is software that’s used to spy on you. It’s normally installed on your phone behind your back and without your permission. It can be used remotely to see what you type, read your messages, grab your screen, track your location, listen to your microphone and see through your camera.
Installing it is an invasion of privacy, sometimes part of a pattern of abuse behaviour, and a crime.
If you’re worried that somebody might have put stalkerware on your Android phone, this article will help you to find it and remove it. (Looking for advice about stalkerware on iPhone?)
Stalkerware on Android
Unfortunately, it is easier to get stalkerware on to an Android phone than an iPhone, and stalkerware for Android is often more invasive too.
If you’re worried that somebody might try to put stalkerware on your phone, read our guide to how stalkerware gets on your phone.
If you’re worried think you might already have stalkerware on your phone, follow the steps below.
Be aware that removing a malicious app will also remove any evidence. Unfortunately, removing stalkerware can sometimes also escalate abusive behaviour.
Install the Traced app
Download the free Traced app from the Google Play Store. It monitors what the other apps on your phone are doing and tells you if they start doing risky things, like using your camera.
If you want to remove an app that’s doing risky things on your phone, you can uninstall it from within the Traced app – just click on the app which you’re concerned about, and click on the uninstall button.
In most cases, that’s all you need to do. However, in some cases the stalking app may be password protected. If it is, follow the steps below.
What to do if you can’t remove the stalkerware app with Traced
If a stalkerware app has been password protected you will see a pop up asking you to enter a password before you can uninstall it. This doesn’t happen often, but if it does it makes the app harder to remove.
The chances are that you won’t know the password – it isn’t wise to guess it, as entering an incorrect password could notify the perpetrator that you’ve attempted to gain access. If you do know it, just type it in. If you don’t know the password, you have two options:
Option 1, do a factory reset
A factory reset is easy to perform but it deletes all of your apps and data. Although it will get rid of the stalkerware completely, it will also erase the evidence that the stalkerware was ever there. If you need that evidence to prosecute your stalker, you should stop using the phone, leave it untouched and get another.
Once you do it, there is no going back, so make sure that you’ve got a backup of anything, like your pictures, that you’d like to keep first.
To reset your phone and delete everything on it, including the password protected stalkerware, click on: Settings > Backup & reset > Factory data reset.
Option 2, remove the app with ADB
ADB (the Android Debug Bridge) lets you control your phone from your computer. It gives you deeper access than you’d normally get and allows you to add and remove password protected apps.
Unfortunately, the ADB isn’t user friendly – it’s a technical tool that’s designed for people who are comfortable poking around inside computers. If you know what a command line is and you’re comfortable using one, this is for you. If you don’t, you may need some help from somebody who is.
To install ADB, follow the instructions in our Android Incident Response Lab 1 article.
Once you’ve installed ADB, follow the steps in our Android Incident Response Lab 3 article to contain the stalkerware.
If you’re worried about being spied on or stalked via your devices, please visit the Coalition Against Stalkerware’s website, which has good advice and details of support organisations in different countries.