Detecting Stalkerware: Signs & Solutions

TL;DR

Stalkerware is malicious software used to monitor someone without their consent. It’s often hidden and difficult to detect. This guide explains how to spot the signs of stalkerware on your devices (phones, tablets, computers) and what steps you can take to remove it and protect yourself.

Identifying Stalkerware: What to Look For

1. Unusual Device Behaviour: This is often the first clue. Watch out for:
   • Battery Drain: The software runs in the background, constantly using power.
   • Increased Data Usage: It sends information (location, messages, calls) to someone else.
   • Slow Performance: The device feels sluggish or freezes frequently.
   • Overheating: Constant activity generates heat.
2. Unexpected Apps: Look for apps you didn’t install.
   • Android: Check your app list in Settings > Apps. Be wary of apps with generic names or no icon.
   • iOS: iOS is more locked down, but check profiles under Settings > General > VPN & Device Management. Look for configuration profiles you didn’t create.
3. Strange Text Messages/Emails: Stalkerware often sends reports via SMS or email.
   • Check your sent items for messages to unknown numbers.
   • Review your email history for unusual activity.
4. Location Tracking: If you suspect tracking, check location permissions:
   • Android: Settings > Location > App Permissions. Review which apps have access to your location and when.
   • iOS: Settings > Privacy & Security > Location Services. Similar review process as Android.

Technical Checks

1. Android – Check for Hidden Apps (Advanced): Some stalkerware hides its icon.
   • Use ADB (Android Debug Bridge) to list all installed packages:

     adb shell pm list packages -f

     This will show *all* apps, even those not visible in the app drawer. Look for unfamiliar package names.

2. Android – Review Accessibility Services: Stalkerware often uses accessibility features to monitor activity.
   • Go to Settings > Accessibility and check which apps have accessibility access. Revoke permissions from anything you don’t recognise or trust.
3. iOS – Check for Configuration Profiles: As mentioned earlier, profiles can install malicious software.
   • Settings > General > VPN & Device Management. Remove any suspicious profiles.
4. Network Monitoring (Advanced): Use a network monitoring tool to see what data your device is sending.
   • Wireshark (PC) or similar tools can capture network traffic. This requires technical knowledge to interpret the results. Look for connections to unknown servers.

Removing Stalkerware

1. Uninstall Suspicious Apps: The simplest step.
   • Android: Long-press the app icon and select ‘Uninstall’.
   • iOS: Tap and hold the app, then choose ‘Remove App’.
2. Factory Reset (Last Resort): This erases everything on your device. *Back up important data first!*.
   • Android: Settings > General Management > Reset > Factory Data Reset.
   • iOS: Settings > General > Transfer or Reset iPhone > Erase All Content and Settings.
3. Antivirus/Anti-Malware Scan: Use a reputable mobile security app.
   • Examples include Bitdefender Mobile Security, Norton 360, Malwarebytes for Android. Run a full system scan.

Protecting Yourself

1. Strong Passwords: Use unique, complex passwords for all accounts.
2. Two-Factor Authentication (2FA): Enable 2FA wherever possible.
3. Keep Software Updated: Updates often include security patches.
4. Be Careful What You Click: Avoid suspicious links and attachments.
5. Physical Security: Protect your device from physical access by others.