How to Tell if Your Phone Is Rooted: 6 Reliable Checks

Have you ever wondered if someone might have rooted your Android phone without your knowledge? Maybe you bought a second-hand device, or you’ve noticed unusual behavior that has you concerned.

Root access gives someone complete control over your device—and that can be a serious security risk if you didn’t authorize it.

Rooting is similar to Jailbreaking on an iPhone. Both processes remove built-in security restrictions, but rooting is more common and easier to hide. In 2024 alone, over 1,000 devices scanned with Certo AntiSpy were found to be rooted—many without the owner’s knowledge.

The concerning part? A rooted phone makes it easier for spyware and malicious apps to access sensitive data that would normally be protected.

The good news is there are several reliable (and free) ways to check if your Android phone has been rooted. We’ll walk you through six proven methods that work on modern Android devices, plus explain what to do if you discover your phone has been compromised.

Quick Root Detection Methods

Before diving into detailed steps, here’s a quick overview of the six most reliable ways to check if your Android phone is rooted:

• Check for root apps → Look for Magisk, SuperSU, or other root manager apps.
• Boot warnings → Watch for “bootloader unlocked” messages on startup.
• Root detector app → Use Certo AntiSpy or similar security apps.
• File manager test → Try accessing protected system folders.
• Device status → Check Samsung’s “Official” vs “Custom” indicator.
• Terminal command → Run su command to test for root shell access.

1. Check for Root Manager Apps

The most straightforward way to detect rooting is to look for root management apps on your device.

Root managers are essential for granting superuser permissions to other apps. If someone rooted your device, they almost certainly installed one of these apps to manage root access.

What to look for

• Magisk (package name: com.topjohnwu.magisk) – The most popular modern root solution.
• SuperSU (package name: eu.chainfire.supersu) – Older but still used root manager.
• Other root apps – KingRoot, Framaroot, or similar apps.

How to check

1. Go to Settings.
2. Tap Apps.
3. Search for “Magisk,” “SuperSU,” or “root”.

Fig 1. Finding Root Manager apps on Android.

2. Look for Boot Warnings

If your phone shows warning messages during startup, pay attention—they could reveal unauthorized modifications. Many Android devices display bootloader unlock warnings when the system has been tampered with, and since most rooting methods require an unlocked bootloader, these warnings are often the first clue that your device might be rooted.

Common warning messages

Samsung devices: “The bootloader is unlocked and the integrity of the operating system can’t be guaranteed.” displayed when turning the phone on.

Motorola devices: “Warning Bootloader Unlocked” displayed when turning the phone on.

Oppo, Realme or Vivo devices: “Orange State” warnings with countdown timers before normal boot.

3. Use a Root Detection App

Many third-party apps can detect rooting by checking for multiple indicators that would be time-consuming to verify manually. Certo AntiSpy provides a quick, reliable way to check for root access while also scanning for spyware and other security threats.

How to use Certo AntiSpy

1. Download Certo AntiSpy from Google Play.
2. Open the app and tap Scan Now.
3. Review the results for root detection and other security issues.
4. Follow any recommended actions to secure your device.

Fig 3. Check if your phone is rooted with Certo AntiSpy.

Why use a security app

Certo AntiSpy checks for root access alongside other security threats like spyware, malicious apps, and dangerous settings. This gives you a comprehensive view of your device’s security status in one scan.

4. Test Root Access with File Manager

Root access allows apps to read and modify protected system files that are normally off-limits to regular applications. You can test this by trying to access restricted directories using a file manager. If your device is rooted, you’ll be able to browse areas that should be blocked.

What you’ll need

A file manager app that supports root access, such as:

• Solid Explorer (has root browsing option).
• Root Browser (designed specifically for root access).
• ES File Explorer (older versions support root).

How to test

1. Install a root-capable file manager.
2. Enable Root access or Root explorer in the app settings.
3. Try to navigate to protected directories like:
   • /system
   • /data
   • /root
4. Try to create a simple text file in these locations.

What to expect

• If rooted: The app will request superuser permission, and you’ll be able to browse and create files in protected directories.
• If not rooted: You’ll see “Permission denied” errors or won’t be able to access these directories at all.

5. Check Phone/Device Status (Samsung)

Samsung devices include a useful indicator that can reveal if the system has been modified. This built-in feature shows whether your phone is running official Samsung firmware or custom software—making it one of the easiest ways to spot potential rooting on Samsung phones.

How to check on Samsung

1. Go to Settings → About phone.
2. Tap Status information.
3. Look for Device status or Phone status.

What the indicators mean

• Official: Your phone is running stock, unmodified Samsung firmware—this is what you want to see.
• Custom: The firmware has been modified or replaced, which is a strong indicator of rooting.

Fig 4. Checking Phone Status on Samsung.

6. Use Terminal Emulator

The terminal method directly tests for the presence of superuser access by attempting to run commands as the root user. This is one of the most reliable detection methods because it goes straight to the core of what rooting actually does—giving you administrative control over your device.

What you’ll need

A terminal emulator app like:

• Termux
• Terminal Emulator for Android
• Material Terminal

How to test

1. Install a terminal emulator app from Google Play.
2. Open the app.
3. Type su and press Enter.
4. Observe the response.

Interpreting results

☠️ Rooted device:

• A superuser permission popup appears.
• Command prompt changes to # (indicating root shell).
• Running id shows uid=0(root).

🛡️ Non-rooted device:

• Error message: “su: not found” or “Permission denied”.
• No permission popup appears.
• Command prompt remains as $.

Why One Check Isn’t Enough

Modern root hiding technology has become surprisingly sophisticated. Tools like Magisk can completely conceal root access from banking apps, security software, and even some detection methods we’ve covered.

Root hiding tools work by targeting specific detection methods. A single check might miss a well-concealed root because the hiding software was designed specifically to fool that particular technique.

However, it’s much harder to fool multiple different detection methods simultaneously. Using several approaches dramatically improves your chances of catching unauthorized access.

The most effective strategy is combining at least three different methods: check for physical evidence (boot warnings, root apps), test actual functionality (file access, terminal commands), and run a comprehensive scan.

What to Do If Your Phone Is Rooted

If you discover your phone has been rooted without your authorization, don’t panic—but do act quickly. Unauthorized root access can leave your personal data vulnerable to theft and monitoring. Take these steps immediately to secure your device and protect your privacy:

1. Run a comprehensive security scan

Use Certo AntiSpy to scan for spyware, malware, and other security threats that may have been installed alongside root access.

Beyond detecting threats, Certo provides comprehensive protection, including Breach Monitoring to check if your accounts have been compromised, Intruder Detection to catch unauthorized access attempts, and Real-Time Protection to prevent future attacks.

2. Change important passwords

Update passwords for all important accounts, as rooted devices can allow keyloggers and spyware to capture your login credentials:

• Google account
• Banking apps
• Social media accounts
• Email accounts
• Any sensitive applications

3. Review app permissions

Check which apps have sensitive permissions and revoke unnecessary access to:

• Location data
• Camera and microphone
• SMS and call logs
• Contact lists

4. Consider removing root

Rooting can create major security vulnerabilities in your device. If you didn’t authorize the rooting:

• Use the root manager’s uninstall option (if available).
• Flash stock firmware to completely remove modifications. Note: This process can be complex and may void warranties.

5. Factory reset

As a last resort, perform a complete factory reset to ensure all unauthorized modifications are removed. Be sure to back up any important data first as this will wipe your device.

Wrapping Up

Finding out if your Android phone is rooted doesn’t have to be complicated. By using multiple detection methods—from checking for root apps to testing terminal access—you can get a clear picture of your device’s security status.

Remember, a rooted phone isn’t automatically dangerous if you authorized it yourself. But if you discover unauthorized root access, it’s important to act quickly to protect your personal data and privacy.

If you’re still unsure about your phone’s status after trying these methods, running a comprehensive scan with Certo AntiSpy can give you definitive answers while also checking for other security threats.

FAQs

Is “bootloader unlocked” the same as rooted?

No. An unlocked bootloader allows installing custom firmware but doesn’t automatically provide root access. However, it’s a prerequisite for most rooting methods, so devices with unlocked bootloaders are more likely to be rooted.

What is Magisk and why is it important?

Magisk is the most popular modern rooting solution that provides “systemless” root access. It’s important because it can hide root from apps and security checks, making it harder to detect through simple methods.

Why does my Samsung phone say “Custom” status?

A “Custom” device status on Samsung phones typically indicates modified firmware, which often includes root access. This is Samsung’s way of letting users know the device software has been altered from the original factory state.

Can root hiding completely fool all detection methods?

While modern root hiding is sophisticated, using multiple detection methods significantly improves accuracy. Tools like Magisk can fool individual checks, but combining boot warnings, file access tests, terminal commands, and security apps makes detection much more reliable.

What should I do if my device is rooted but I didn’t authorize it?

Immediately scan for malware with a security app, change your important passwords, review app permissions, and consider removing root access or performing a factory reset. This could indicate your device has been compromised.