Spyware/Malware Checklist#

What is stalkerware?#

Mobile stalkerware (sometimes called spouseware in the context of domestic violence) is a category of surveillance software that is installed on a person’s device without their informed consent or knowledge. Its primary purpose is to monitor and exfiltrate sensitive personal data such as:

Location and movement history
Text messages and call logs
Photos and media
Browser activity and search history
App usage and notifications

Monitoring software can have legitimate, legal uses. For example:

Employers may monitor activity on company-owned devices with clear disclosure
Parents may monitor a child’s device for safety or parental control purposes.

However, stalkerware differs in that it is explicitly designed to be hidden and to collect data without the device owner’s awareness or consent. For this reason, stalkerware often exists in a legal and ethical gray area, even when marketed as “monitoring” or “parental control” software.

Some stalkerware products were originally developed for corporate or parental use cases, but are frequently repurposed for covert surveillance.

Common Stalkerware Behaviors#

To avoid detection, stalkerware commonly:

Runs silently in the background with no visible app icon
Disguises itself as a system service or generic app
Requests high-risk permissions, such as:
- Accessibility Services
- Device Administrator privileges
- Notification access
Persists across reboots
Attempts to prevent uninstallation. May notify the person who installed it about uninstallation attempts.

How Is Stalkerware Installed?#

Stalkerware is typically not installed through the Google Play Store, and instead via a process called sideloading.

In many cases:

The person installing the stalkerware has brief physical access to the victim’s device
They enable “Install unknown apps” or “Allow from this source”
They follow step-by-step instructions provided by the stalkerware vendor
The app is installed directly via APK file download

Sideloading does not require advanced technical knowledge; tutorials are widely available online, making this method accessible to non-technical users.

Protections and Detection#

1. Enable Google Play Protect#

Google Play Protect is Android’s built-in security service that:

Scans apps before download
Periodically scans all installed apps (including sideloaded ones)
Warns about or removes harmful application

To enable Google Play Protect:

Open the Google Play Store
Tap your profile icon (top right)
Select Play Protect
Review scan results and enable scanning if disabled

2. Review Accessibility Services#

Accessibility Services are intended to help users with disabilities, but they require extensive system access, making them a common target for stalkerware.

To review accessibility access:

Open Settings
Navigate to Accessibility
Select Installed apps or Downloaded apps
Review all apps with accessibility permissions
Disable access for any app you do not recognize

If you do not use accessibility features, this list should be empty or very small. Be cautious of apps with generic, innocuous names.

3. Check Notification Access#

Apps with notification access can read messages, OTPs, and other private information.

To review notification access:

Open Settings
Go to Security & Privacy (or Privacy)
Select Special app access
Tap Notification access
Disable access for unknown or suspicious apps

4. Review Device Administrator Apps#

Older versions of Android allow apps to register as Device Admins, granting powerful control over the device.

To review Device Administrator apps:

Open Settings
Go to Security
Select Device admin apps
Disable any unrecognized apps

5. Review All Installed Apps#

Some stalkerware apps hide their icons but still appear in the app list.

To review installed apps:

Open Settings
Go to Apps
Tap See all apps
Look for unfamiliar apps
You can see permissions for a specific app by tapping on it. Review permissions for access to:
- Location
- Camera
- Microphone
- Call logs
- Contacts
- Files

Anti-Malware Software#

Anti-malware apps to help detect and remove these spyware apps exist. Top Android anti-malware apps include MalwareBytes, Incognito, Protectstar Anti Spy, and AVG AntiVirus & Security; upon installing them, these will give you the option to run a scan and detect any spyware apps, and also offer features like real-time protection, permission monitoring, and automatic threat removal.

Factory Reset (Last Resort)#

If you suspect persistent stalkerware or cannot safely remove an app, performing a factory reset can remove most malicious software.

Warning: A factory reset permanently erases all data on the device! Back up important files before proceeding.

To perform a factory reset:

Back up important data (photos, contacts, files) to a trusted account or offline storage
Open Settings
Navigate to System
Select Reset options
Tap Erase all data (factory reset)
Confirm the reset and wait for the device to restart

After resetting, do not restore apps from unknown backups, as this may reintroduce unwanted software. Only reinstall apps you recognize from the Google Play Store.

Common Spyware Apps#

This is not an exhaustive list. These examples are compiled from public reports and blogs.

App	iOS or Android?	Link
iKeyMonitor	iOS, Android	https://sites.google.com/ikeymonitor.com/ikeymonitor/home
FamiGuard	iOS, Android	https://www.famiguard.com/
Hoverwatch	Android	https://www.hoverwatch.com/
Spyera	iOS, Android	http://spyera.com/
FlexiSPY	iOS, Android	https://www.flexispy.com/
eyeZy	iOS, Android	https://www.eyezy.com/
uMobix	iOS, Android	https://umobix.com/
Clevguard	iOS, Android	https://www.clevguard.com/
mSpy	iOS, Android	https://www.mspy.com/
XNSPY	iOS, Android	https://xnspy.com/
KidsGuard Pro	iOS, Android	https://www.clevguard.org/
Minspy	iOS, Android	https://minspy.com/
TrackMyFone	iOS, Android	https://www.trackmyfone.com/
Qustodio	iOS, Android	https://www.qustodio.com/en/
Eyezy	iOS, Android	https://www.qustodio.com/en/