How to Find Hidden Spy Apps on Android Phones
Updated:
Most of us store very important and private information on our phones. From family pictures and videos to banking passwords and PINs, the last thing you would want is for this information to end up in the hands of a hacker.
One of the most common ways a hacker would get into your phone and get access to this information would be if they were able to install a hidden spy app on your device.
Android phones have a reputation for being more vulnerable to hacking compared to iOS devices. This is partly because Android devices are more open and can be customized more easily. This makes it simpler for a hacker to install a hidden spy app.
In fact, our team recently discovered RadzaRat—a dangerous trojan disguised as a file manager that gives hackers access to all files stored on your Android phone.
With threats like these constantly emerging, we’ve put together a guide telling you how to find and recognize hidden spy apps or spyware on your Android phone and how to get rid of them.
Free spy detector app for Android
Certo AntiSpy crushes spyware, stops intruders and keeps you safe online.
How to Find Hidden Spy Apps on Android
If something feels off with your Android phone, trust your instincts. There are several effective ways to check for hidden spyware—from quick automated scans to manual checks you can do yourself.
Here’s how to uncover what might be lurking on your device.
1. Look for unrecognized apps
Checking your installed apps is a straightforward first step in hunting for spyware.
Take a close look at everything on your device, including those folders of old games and apps you downloaded once and never opened again. Spyware often hides in these forgotten spots because most people don’t think to check there.
However, keep in mind that some spy apps can be completely hidden from your app list, making them invisible to this type of manual check.
To check all installed apps:
- Open the Settings app.
- Tap Apps or Manage Apps.
- Scroll through and review your list of installed apps.
- Uninstall any apps you no longer require or that look suspicious.
Fig 1. Finding and removing spyware in the apps folder.
It’s also important to remember that there are some apps that come pre-installed on your Android device.
If in doubt about any apps, do some research on Google to find out if the app is a normal part of the Android operating system.
2. Check your app permissions
Another great way to reveal a hidden spy app is to review which apps have access to your microphone, camera, file system or location data.
Spyware often requires these permissions to access sensitive data.
To check which apps have access to your device functions, follow the steps below:
- Open your Settings app.
- Tap Security and privacy.
- Tap Permission Manager.
- Tap each permission to see which apps have access and adjust accordingly.
Fig 2. Reviewing which apps have access to the camera on Android.
Pro Tip: Pay special attention to apps that have access to your microphone, camera, or location. If you don’t recognize an app or can’t remember why it needs these permissions, it’s worth investigating further or removing it entirely.
3. Run a spyware scan
Using an anti-spyware app is often the quickest and most reliable way to find hidden spyware on your device.
Apps like Certo AntiSpy scan your phone for malicious software, check your app permissions, and flag suspicious activity—all in just a few minutes.
Here’s how to run a scan:
- Download the Certo AntiSpy app from the Google Play Store.
- Open the app and tap Scan Now.
- If a threat is found, just tap Remove to erase it from your device.
Fig 3. Detecting spyware with Certo AntiSpy.
4. Keep an eye on your location symbol
Android devices let you know when an app is using your device’s location by displaying a small symbol in the notification bar at the top of the screen.
If you notice that this location symbol is constantly appearing, but you aren’t using any apps that can access your location data, it could be a sign that a hidden spy app is running in the background and tracking your location.
Fig 4. The location icon appearing on Android.
5. Check if Google Play Protect is disabled
Google Play Protect is Android’s built-in virus and malware scanner.
It is designed to run in the background to automatically scan every app that is downloaded onto your Android phone for viruses or malicious apps.
Google Play Protect is turned on by default on most devices. If it is off, it may be because someone has installed a hidden app on your phone and needed to switch the protective scanner off to allow them to do it.
To check your Google Play Protect settings manually:
- Open the Google Play Store app.
- Tap your profile in the top right and choose Play Protect.
- If Play Protect is disabled, you’ll see an option to Turn on.
Fig 5. Checking if Play Protect is disabled on Android.
6. Check for Device Admin apps
The Device Admin permission on Android grants special elevated access to the device and its features. It is intended for enterprise users giving them a way to manage company-owned devices.
However, spy apps will also often require this access in order to monitor your activity and block removal. Checking your device for any unrecognized Device Admin apps can be a useful way to reveal a spyware app.
To check for Device Admin apps, follow these steps:
- Open your Settings app.
- Search for “device admin” and tap Device admin apps in the results.
- Tap Device admin apps.
- Look for any apps you don’t recognize.
- If you find a suspicious app, revoke its Device admin access and uninstall.
Fig 6. Locating device admin apps on Android.
Signs of Hidden Spy Apps on Android
Your phone often shows warning signs when something’s not right. Here are the red flags that could indicate hidden spyware is running on your device.
While these signs may not always mean your device has been compromised, they are certainly something to look out for, especially if you are experiencing multiple signs at once.
Your Android phone is rooted
Rooting is the process of breaking through some of the security restrictions on your Android device to gain greater control over it.
While rooting is not particularly difficult to do, it does require some technical knowledge and will not be something that can happen by accident.
If you find that your phone or tablet is rooted and it wasn’t you who did it, there is a good chance that your device has been hacked.
Although spyware can be installed on your Android device without rooting, inbuilt security measures prevent some features of the app from being used to their full potential.
For this reason, hackers will often root the device first to give them this control.
Pro Tip: Not sure if your phone is rooted? Look for apps like “Superuser”, “SuperSU” or “Magisk” in your app list. These are commonly used after rooting and wouldn’t be there unless someone had modified your device.
Sudden or unexplained high data usage
Spyware apps typically work by sending a large amount of data from your Android phone back to the hacker.
They can also often tap into your phone conversations, location, or SMS messages in real-time. Therefore, your data usage will definitely increase if your phone has to send all this information out.
If your phone uses much more data than you think it should, it may have been compromised.
How to check your data usage:
- Open Settings app.
- Tap Network & Internet or Connections.
- Tap Mobile data or Data usage.
- Review which apps are using the most data.
If you see an unfamiliar app, run a quick scan with Certo AntiSpy to find out if it’s malicious.
Fig 7. Checking data usage in settings.
Google Play Protect is turned off
As mentioned earlier, Google Play Protect is Android’s built-in security feature that automatically scans apps for malware.
If you didn’t turn it off yourself, finding it disabled is a major red flag. Hackers often disable this feature to prevent their spyware from being detected and removed.
Always make sure Google Play Protect is enabled and running regular scans on your device.
Someone knows too much about you
It sounds strange, but if you find that someone seems to know where you’ve been before you tell them or who you’ve been talking to without you sharing that information, they may just be monitoring your phone activity.
We all think of hackers as being criminals and strangers, but an alarming amount of hidden spyware is installed by someone you know.
Someone close to you may be easily able to physically access your phone and install spyware or hidden tracking apps without your knowledge.
Other signs of spy apps for Android
Beyond the major red flags above, your phone may also show these warning signs:
- Your phone getting unusually hot: Performing all of the tasks required for spying may cause your device to work harder, leading to an increase in temperature.
- Your phone taking longer to shut down: Your Android smartphone can only shut down when all the current processes are complete. Most spy apps will run many processes, and it may take longer for your phone to shut down.
- Your battery runs out quickly: The extra processes hidden apps will run may drain your battery faster than normal.
Pro Tip: If you are experiencing any of these symptoms, it’s a good idea to run a security scan to check your device for any threats.
Video: How to Detect and Remove Spyware on an Android Phone
Check out this related video ⬇️
Types of Invisible Android Spyware
There are several different types of spyware that can find their way into your phone. Let’s run through these so that you can understand what you should be looking for.
Commercial spyware
There is a relatively large market out there for off-the-shelf commercial spyware. Some popular examples include mSpy, FlexiSpy, and Eyezy.
These apps can be bought for as little as $30 and can easily be installed to secretly track, monitor, and record all activity on an Android device.
This type of app can also be hidden after installation, making it completely invisible to the owner of the phone. Most give the hacker the option to hide it as part of the functionality of the app, but even if this is not the case, there are some easy workarounds.
Expert Insight: How commercial spyware works
Commercial spyware is designed to be as invisible as possible. Once installed, these apps often:
- Run silently in the background without showing up on your home screen or app drawer.
- Disguise themselves as system files or harmless apps like “System Update” or “Wi-Fi Service”.
- Require Device Admin privileges to prevent easy uninstallation.
- Send your data (messages, calls, photos, location) to a remote server that the hacker can access.
The most concerning part? These apps are marketed as “legitimate” monitoring tools for parents or employers, but they’re frequently misused for stalking and invasion of privacy.
Misuse of legitimate apps
Many Android OS features and apps are designed to be useful to the user. But unfortunately, even some legitimate apps can be abused by a hacker and used to secretly spy on you.
Legitimate tracking apps
Cell phone tracking apps like Life360, FindMyKids, and Family Locator are designed for concerned individuals to keep track of their children or other family members or friends.
They are useful for anyone wanting to check things like whether their child got to school safely or for a group of friends organizing a meet-up.
However, if a hacker or stalker installs this on someone’s phone without their knowledge, they could use it to track their GPS location, often without the victim knowing anything about it.
Maps and navigation apps
Apps like Google Maps have a function that allows you to share your location with another user of the same app.
This is great for finding your friends, but not so good if a hacker or stalker gets hold of your phone.
They could easily set your phone up to share your location with them at any time, which could be dangerous for you.
While misuse of legitimate apps like these can’t give a hacker as much information as commercial spyware can, they can still be a threat to your safety.
These methods are becoming more popular as they require only short-term access to the victim’s phone, cost nothing, and are easy to hide.
Pro Tip: Regularly check your location-sharing settings in apps like Google Maps and Find My Device. Go to the app settings and review who you’re sharing your location with. If you see any unfamiliar names or accounts, remove them immediately.
Zero-day spyware
Zero-day spyware exploits vulnerabilities that developers don’t even know exist yet—giving them “zero days” to fix the problem before hackers strike.
The most infamous example is Pegasus spyware, developed by the NSO Group.
This sophisticated tool has been used to target journalists, activists, and politicians worldwide. What makes it terrifying? It can be installed remotely without you clicking anything—no suspicious link, no app download, nothing.
Once installed, Pegasus grants complete access to messages, calls, photos, location, and can even activate your camera and microphone without your knowledge.
For everyday Android users, zero-day threats typically appear through phishing attacks that trick you into downloading malicious apps or visiting infected websites designed to look legitimate.
Pro Tip: Zero-day attacks are rare for average users. Protect yourself by avoiding suspicious links, only downloading apps from the Google Play Store, and keeping your Android OS updated.
Final Thoughts
Finding hidden spy apps on your Android phone isn’t always straightforward, but staying alert to the warning signs can make all the difference. If something feels off—whether it’s unexpected battery drain, unfamiliar apps, or someone who seems to know too much about your whereabouts—trust your instincts.
The good news? You don’t have to investigate alone. Running a free scan with Certo AntiSpy can help identify threats you might have missed during a manual check. And if you do find something suspicious, just tap “Remove” to completely erase it from your device.
Remember, your phone holds some of your most personal information. Taking a few minutes to check your device now could save you from a much bigger privacy issue down the road.
Frequently Asked Questions (FAQs)
How do I find hidden spy apps on my phone?
The most effective way to find hidden spy apps is to use a dedicated spyware detection tool like Certo AntiSpy, which scans your device for malicious software in minutes.
You can also perform manual checks by reviewing your installed apps, checking app permissions, monitoring your data usage, and ensuring Google Play Protect is enabled. Look for apps you don’t recognize, especially those with access to your camera, microphone, files or location.
Additionally, check for Device Admin apps that may have elevated permissions on your device. If you notice signs like unusually high battery drain, overheating, or someone knowing details about your activities that you haven’t shared, these could indicate spyware is present.
What names can spy apps be hidden under?
If you are concerned about hidden apps installed on your Android smartphone, some common spy app names to look out for are:
- mSpy
- Cocospy
- FlexiSpy
- PhoneSpector
- Eyezy
- Daddy’s Eye
Where would I find spy apps on my Android?
Go through all the apps on your phone, including the ones in folders, to see if there are any you don’t recognize.
You can also check your app permissions to see which apps can access your camera, microphone, and location data.
Sophia is a Senior Cybersecurity Writer at Certo, with over five years of experience writing about digital security, privacy, and emerging threats. Drawing on a background in IT and technology, she specializes in translating complex cybersecurity topics into clear, practical guidance that helps everyday users stay protected online.