What Is Stalkerware? How To Find Stalkerware Apps on Your Phone

How To Tell If Someone Has Installed Stalkerware on Your Phone

Stalkerware is a type of monitoring software secretly installed on a mobile device to track its activity. While it's often grouped in with spyware and other forms of malware, stalkerware should be taken more seriously due to its association with abusive partners and invasive employers.    

Here are some of the red flags that could indicate you have stalkerware installed on your phone: 

• Unfamiliar apps on your home screen or app list
• Apps that have been granted too many permissions (such as location tracking or camera access)
• Performance issues such as a battery draining faster than usual
• Higher than average data usage or charges on your bill
• Someone around you knows private information that they shouldn't
• Changes to your phone settings, or your phone refuses to update

These warning signs apply to stalkerware and many malware infections, so it's critical that you take immediate steps to secure your device if you notice any of the above red flags. 

{{show-toc}}

What Is Stalkerware? How Do Stalkerware Apps Get on Your Phone? 

Stalkerware is a surveillance software program used to spy on people without their knowledge. These programs can track a phone's GPS location, call logs, and keystrokes. Stalkerware can also take screenshots, intercept phone calls, and access photos, emails, and text messages. 

Named for their connection to stalking and domestic abuse, stalkerware programs pose dangers beyond the obvious invasion of privacy. 

Since 2017, at least 24 stalkerware companies have leaked sensitive customer and victim data. These programs can also undermine your phone's built-in security features, especially when they require jailbreaking or rooting of the device.

But how does your phone get infected by stalkerware? There are multiple ways that stalkers and hackers can use your phone against you, including: 

• Abusing built-in tools such as Apple’s “Find My” or Screen Time, or Google’s Family Link
• Exploiting legitimate apps marketed as employee tracking or child-monitoring tools
• “Sideloading” malware designed to spy on your devices 
• Sending you phishing links that secretly download spyware onto your device

Regardless of how or why it's been added to a device, the use of stalkerware to monitor someone without their consent is a clear form of abuse. 

A recent State of Stalkerware report identified over 31,000 victims of stalkerware in 2023, the majority of whom were Android users. 

While iPhones are generally more secure, they can be vulnerable when jailbroken. Since stalkerware installation usually requires physical access to the phone — also a requirement for jailbreaking — no device is completely safe.

How To Find and Delete Stalkerware on Your Device

While suspicious apps appearing on your homescreen can be easy to spot, many other forms of stalkerware can be difficult to detect. If you think someone might be monitoring your device, follow some or all of these steps to check for and remove stalkerware. 

Download an antivirus app for your Android device

Some stalkerware is classified as malicious spyware, which means that reputable antivirus software can detect and remove it. These programs look for common spyware apps and signatures, suspicious permissions, and hidden processes running in the background.

Note: Not all forms of spyware are flagged by antivirus software — such as when a stalker is abusing your phone’s built-in tools, or in instances of legitimate apps marketed as parental controls or employee tracking tools. 

Make sure Google Play Protect is enabled

Google Play Protect is a built-in security feature for Android devices, which scans apps and devices for harmful programs and sends warnings or deactivates them. While this feature is enabled by default, it can be turned off to sideload malicious apps onto your device. 

How to enable Google Play Protect:

• Open the Google Play Store app
• Click on your profile icon in the top right-hand corner
• Select Play Protect and Turn on if the feature is disabled

Once enabled, Play Protect will automatically scan your apps and identify anything malicious.

Check to see if your device is enrolled in a family plan

Legitimate family-tracking and parental control apps may be misused as stalkerware. Apps like Apple’s Family Sharing or Google’s Family Link can track location, purchases, and online activities. If your device has been enrolled in a family plan without your consent, someone may be monitoring your activity remotely.  

• On Android devices: Go into your device Settings and click on Google. Select Family Group and Leave family group.
• On iPhones: Go into your device Settings and click on Family or Family Sharing. Select your name and then Stop Using Family Sharing.

View all apps to uncover “hidden” spyware apps

Consider any app with excessive permissions a major stalkerware red flag. Unfortunately, these apps can hide from the home screen by disguising themselves as system apps with legitimate-sounding names, such as “System Info” or “Wi-Fi.” 

To find hidden apps, you may need to go through the device settings:

• Open your device Settings and click on Apps
• Review and check the permissions for each app
• Research any suspicious apps online before deleting them

Look for unexpected accessibility or device admin apps

Stalkerware often exploits device accessibility and administrator privileges to gain greater access and control. This may allow someone to record your screen, log your keystrokes, and transfer data from your phone without your knowledge. 

To find apps that have administrator or accessibility privileges: 

• Open your device Settings
• Click on Accessibility and Installed Apps to look for suspicious programs
• Click on Security and privacy and select More security settings
• Tap on Device admin apps to find and disable any unauthorized administrator programs

See if other apps have access to your notifications

Some types of advanced stalkerware can gain access to your notifications or even send notifications from your device to another. These apps take advantage of permissions to read your text message, phone call, and activity notifications. 

To check the notification settings on apps:

• Open your device Settings and click on Notifications or Apps and notifications
• Select App notifications or Special app access > Notification access
• Disable notifications for any suspicious or unknown apps

Check if your device is jailbroken or rooted

Jailbreaking an iPhone or rooting an Android phone bypasses the device's built-in security features and allows stalkerware to access the device's system. If you find your device has been jailbroken or rooted without your knowledge, it could be monitored and controlled remotely.  

• How to check if your iPhone is jailbroken: Check your app library for an app called Sileo, which is a tool that allows you to load apps not found in the official App store —  and could indicate it's been jailbroken.
• How to check if your Android device is rooted: Open the device Settings and click on About > Status information. Ensure that the Phone Status is set to Official (not rooted), not Custom (rooted).

NOTE: Restoring your phone to its factory settings may remove tampered apps and settings, but some jailbroken iPhones and many rooted Android phones may be more difficult to restore. For guidance, seek out professional technical support. 

Look for unknown devices on your Google or Apple accounts

The use of stalkerware apps isn’t the only way for someone to spy on your device. Stalkers can monitor your messages and activities simply by logging in to your accounts from another device. While you may receive notifications about these logins, it’s best to manually check to see if any other devices have access to your accounts and information.  

• On Apple: Open your device Settings and click on your name. Scroll down to the Device section and review and remove any unfamiliar devices. ‍
• On Google: Click on your profile and select Manage yourGoogle Account > Devices or visit myaccount.google.com/security. Remove any devices that you don't want or don't recognize.

What To Do If You’ve Found Stalkerware on Your Phone

If you discover — or even suspect — the presence of stalkerware on your phone, the best course of action is to get a new, secure device. 

If that's not an option, performing a factory reset can return your phone to its factory settings with only the default apps. While this will likely remove stalkerware from your phone, it will also delete your photos and files, so back up all of your important data first (if possible).  

Once your device is cleaned, it's crucial that you take preventative steps to stop the stalker from reinstalling the spyware. 

Here are some things you can do to protect your device and yourself: 

• Ensure your own safety. If you're being stalked, you could be in danger. Before you do anything, consider contacting law enforcement — or the National Domestic Violence Hotline if you suspect that you’re being stalked by an intimate partner.  
• Document any signs of stalking or monitoring. Keep a record of anything suspicious about your device (or the people around you) that could be used as evidence. 
• Remove unfamiliar or suspicious apps from your device. Go through your app list and remove any apps that you don't recognize, especially those that have suspicious access and permissions.
• Update your device’s operating system. Updating your operating system in your device's system settings can patch vulnerabilities and block some types of spyware.
• Check your laptop or desktop computer for signs of malware. Run an antivirus software on all of your computers and devices to ensure that they aren't also compromised. 
• Secure your online accounts — particularly email and social media. Set up new and strong passwords and two-factor authentication (2FA) on your accounts to lock out unauthorized users.
• Set up auto-lock on your phone. Enable a short auto-lock timer and a complex passcode or biometric security login to prevent further access to your device. 
• Be aware of who has access to your phone. Avoid leaving your phone unattended, and think twice about letting others handle it. 
• Only download apps from official app stores. Stick to the Apple and Google Play stores for official (and reviewed) iOS and Android apps.
• Install digital security tools. Add a password manager, virtual private network (VPN), and Safe Browsing tools to your device to protect your login credentials and online activities. 

The Bottom Line: Stay Safe Against Online Stalkers and Hackers

The use of stalkerware is a major violation of privacy and a serious form of abuse. 

If you find stalkerware on your device, it's imperative that you deal with the situation carefully so as not to put yourself in more danger. 

First, seek out help if you need it. Check out the National Network to End Domestic Violence for more information and resources. Then, replace or clean out your device and take the necessary steps to secure it. 

Finally, consider Aura for comprehensive protection against malware, hackers, and scammers. Aura also alerts you to data and password leaks, account breaches, and identity theft — while providing generous insurance coverage and 24/7 U.S.-based support to help you recover quickly if something does happen.