How to find hidden spy apps on Android phones


While most people own a smartphone and spend a lot of time on it, it is actually pretty rare to have a rounded knowledge of everything your phone can do. In some ways this is totally normal, after all you don’t have to be a mechanic to drive a car, but at the same time, we put so much of our lives and our information into our phones that occasionally, ignorance of the security vulnerabilities could land you in hot water.

With this in mind we have put together a guide telling you how to find and recognize hidden spy apps or spyware on your Android phone, and how to get rid of them.

There are two main routes to take to identify hidden apps; performing a series of manual checks, or alternatively using a spy detector app, such as the free app Certo Mobile Security to easily sweep your phone in one easy step.

Free spy detector app for Android

Certo Mobile Security crushes spyware, stops intruders and keeps you safe online.

Signs of invisible spying on your Android phone

Your phone is Rooted and you didn’t do it

Rooting is the process of breaking through some of the security levels on your Android device in order to gain greater control over the device. While rooting is not particularly difficult it does require some technical knowledge and will not be something that can happen to your device by accident. If you find that your phone or tablet is rooted, and it wasn’t you who did it, there is a good chance that your device has been hacked.

Though malware can be installed on your Android device without rooting, inbuilt security measures prevent some features of the spyware being used to their full potential. For this reason, hackers who want to gain access to certain functions or data on your phone will often root the device first to give them this control.

If you think your device may have been rooted the Certo Mobile Security app can check, and scan for any invisible spyware that may be present.

Your phone has sudden or unexplained high data-usage

Spyware typically works by sending a huge amount of data from your phone to the spyware provider’s servers, to be accessed by the hacker at their convenience. They can also often tap into your phone conversations, location, or messages in real time. This requires your phone to use a lot of extra data to send all this information out. If your phone is using much more data than you think it should be, it may have been compromised.

Someone knows too much about you

It sounds strange but if you find that someone seems to know where you’ve been before you tell them, or who you’ve been talking to without you sharing that information, they may just be monitoring your phone activity. We all think of hackers as being criminals and strangers, but an alarming proportion of spyware is installed by those closest to their victims for personal as well as financial reasons.

Types of invisible spyware

Commercial spyware

There is a relatively large market out there for custom built commercially available spyware. Some examples of this type of spy app are mSpy, FlexiSpy and XNspy. These apps can be bought for as little as $30 and easily installed on someone’s phone or device to monitor and record all of their activity. This type of app can easily be hidden after installation; making it completely invisible to the owner of the phone. Most give the hacker the option to hide it as part of the functionality of the app, but even if this is not the case an app can still be easily hidden on an Android by following some simple steps.

Misuse of legitimate apps

There are lots of functions and apps on an Android phone that are designed to be useful to the user but can unfortunately be abused by a hacker to secretly spy on you.

  • Legitimate tracking apps: Apps like Life360, FindMyKids and Family Locator are designed for concerned individuals to keep track of their children or other family members or friends. They are useful for those wanting to check things like whether their child got to school safely or a group of friends organizing a meet-up. However, if a hacker or stalker was able to install this on someone’s phone without their knowledge, they could use it to track their location without the victim knowing anything about it.
  • Maps/Navigation apps: Things like Google Maps often have a function that allows you to share your location with another user of the same app. Great for finding your friends but not so good if a hacker or stalker gets hold of your phone. They could easily set your phone up to share your location with them at any time, which could be dangerous for you.

While misuse of legitimate apps like these cannot give a hacker or stalker as much information as commercial spyware they can still pose a threat to your safety. These methods are becoming more popular as they require only short term access to the victims phone, cost nothing, and are easy to hide.

ZeroDay spyware

ZeroDay spyware is the term used to describe previously unknown threats and vulnerabilities that are sometimes already being exploited by hackers. Occasionally these take the form of spyware. In 2019 a ZeroDay vulnerability was exposed that was being used by hackers to give them full control over Android phones. In this example the victim would need to have been taken in by a phishing attack that led them to download a malicious app or visit an infected website. The app or website would have been carefully engineered to look legitimate, meaning that in many cases victims would not know that they were being hacked until it was too late. You can read our blog here on the importance of being vigilant against phishing attacks and how to spot them.

How to find hidden spyware on Android

Now that we have been through the types of invisible spy apps that could be lurking on your Android phone, we’ll tell you how to find them and more importantly how to get rid of them.

The easiest way to find out if there is anything malicious on your phone is by using a scanning app, such as the free app Certo Mobile Security.

Detect and destroy spyware

Certo Mobile Security finds and removes hidden spyware fast! Get it for FREE from the Play Store now.

If you decide to check your phone yourself manually – these are the steps you should take:

Look through your apps for any you don’t recognize

Many of us have pages or folders of downloaded games or apps that we may have used for a short time and then forgotten about (I’m looking at you Strava). A quick check through all installed apps on the phone is a simple way to find a spy app. It’s important to remember here that there are a certain number of apps that come pre-installed on your phone, if in doubt do some research on Google to find out if the apps that you don’t remember downloading are a normal part of the Android set up.

Check the permissions granted to your apps

This could potentially be a little more time consuming to do manually, but it is important to find out which apps have access to your microphone, camera or location data. This could reveal whether an app is secretly tracking you without your knowledge or permission, making it a pretty reliable indicator for identifying hidden spy apps.

If you don’t have time to go through these manual steps you can install the Certo Mobile Security app, tap on Privacy Audit, and view the list of apps you have installed, along with which ones are accessing your GPS location, camera, microphone or other device functions.

To check manually follow the steps below:

  1. Open Settings.
  2. Tap Apps or Manage apps.
  3. Tap App permissions.
  4. Tap each permission to see which apps have access and adjust accordingly.

Keep an eye on your location symbol

Android devices let you know when an app is using your device location by displaying a small symbol in the notification bar at the top of the screen. If you notice that this location symbol is constantly appearing, but you aren’t using any apps that are allowed to access your location data, then it could be a sign that an invisible spy app is running in the background and tracking your location.

Is Google Play Protect disabled?

Google Play Protect is Android’s built-in virus and malware scanner. It is designed to run in the background to automatically scan every app that is downloaded onto your Android phone for viruses or malware. The default setting for Google Play Protect is for it to be turned on, so if it is off, it may be because someone has installed something dangerous on your phone and needed to switch the protective scanner off to allow them to do it.

To check your Google Play Protect settings manually:

  1. Open the Google Play Store app.
  2. Tap Menu > Play Protect > Settings.
  3. Check Scan device for security threats is on.

If you are suspicious and think that someone may be stalking you digitally, do not ignore it. You may wish to go through the steps outlined above to check your phone for any unapproved activity. Or you could download our free app, Certo Mobile Security to sweep your phone for spyware and check all these settings and permissions in one reliable step.