How to Detect and Remove Stalkerware From Your Phone

Stalkerware is commercial spyware that someone installs on your phone to secretly monitor your calls, texts, location, photos, and browsing activity in real time. Unlike malware that targets strangers for profit, stalkerware is almost always installed by someone you know — an abusive partner, a controlling family member, or an obsessive ex. If you suspect someone is tracking your every move through your phone, this guide will help you detect and safely remove surveillance software while protecting yourself in the process.

What Is Stalkerware and How Does It Get on Your Phone?

Stalkerware apps are marketed under euphemisms like "parental monitoring" or "employee tracking," but they are overwhelmingly used for intimate partner surveillance. These apps can capture virtually everything on your device — live GPS location, text messages, call logs, photos, social media and messaging app content (including encrypted apps like WhatsApp and Signal), browsing history, and even keystrokes as you type passwords and private messages.

Stalkerware requires physical access to your phone for installation. On Android, the abuser enables installation from unknown sources and sideloads the app. On iPhone, stalkerware often requires the device to be jailbroken first, though some variants exploit configuration profiles to gain access without a full jailbreak.

Warning Signs That Stalkerware May Be on Your Phone

Stalkerware is designed to be invisible, but it cannot completely hide its impact on your device:

Behavioral Signs

• Your partner knows things they shouldn't: They reference private conversations, know where you've been, or bring up details from messages you never shared with them. This is the most telling indicator.
• Notifications disappear quickly: Some stalkerware intercepts and dismisses notifications before you can read them, or your partner seems to read your messages before you do.
• Your phone lights up or makes sounds randomly: The screen activating on its own, especially at odd hours, can indicate remote access or data transmission.

Technical Signs

• Unusual battery drain: Stalkerware runs continuously in the background, consuming significant battery. If your phone suddenly can't hold a charge like it used to, surveillance software could be the cause.
• Increased data usage: Stalkerware uploads captured data to remote servers. Check your mobile data usage for unexplained spikes or unfamiliar apps consuming bandwidth.
• Unexplained overheating: A phone that feels warm or hot when idle may be running surveillance processes in the background.
• On iPhone, the location services arrow stays lit: If the location indicator in the status bar remains active when you're not using maps or navigation, something is continuously tracking your position.
• Generic-looking apps using lots of data: Stalkerware often disguises itself with innocent-sounding names like "System Update," "WiFi Service," "Battery Optimizer," or "Phone Manager." Check your data usage for such apps consuming disproportionate bandwidth.

How to Check for Stalkerware on Android

Android is the most common target for stalkerware because the operating system allows sideloading apps from outside the Google Play Store. Here's how to investigate:

1. Check for unfamiliar apps: Go to Settings > Apps and review every installed application. Look for apps you don't recognize or didn't install, especially with generic names and no recognizable icon.
2. Review app permissions: Go to Settings > Privacy > Permission Manager. Check which apps access your location, camera, microphone, and contacts. Stalkerware will have extensive permissions that don't match its supposed purpose.
3. Check Accessibility services: Go to Settings > Accessibility. Stalkerware abuses Accessibility services to read screen content, intercept notifications, and log keystrokes. Any unfamiliar app with Accessibility access is a serious red flag.
4. Check Device Administrator apps: Go to Settings > Security > Device Admin Apps. Stalkerware often grants itself Administrator rights to prevent uninstallation. If you see an app here you don't recognize, deactivate its admin privileges before attempting removal.
5. Check for unknown sources: Go to Settings > Security and check whether "Install from unknown sources" is enabled. If you didn't enable it yourself, someone else may have done so to sideload stalkerware.
6. Look for root indicators: Apps like "SuperSU," "Magisk," or "KingRoot" indicate your phone has been rooted, which gives stalkerware deeper access to your device. If you didn't root your phone, someone else may have.

How to Check for Stalkerware on iPhone

iPhones are harder to compromise due to Apple's closed ecosystem, but they're not immune:

1. Check for jailbreak indicators: Look for apps like "Cydia," "Sileo," or "Zebra" on your home screen or in your app library. These are package managers used on jailbroken iPhones and are a clear sign your device has been tampered with.
2. Check for unknown configuration profiles: Go to Settings > General > VPN & Device Management. If you see profiles you don't recognize — especially ones not installed by your employer or school — they could be granting an attacker control over your device.
3. Review location sharing: Go to Settings > Privacy & Security > Location Services and review which apps have location access. Check Settings > [Your Name] > Find My to see who can see your location.
4. Check for unusual iCloud access: Go to Settings > [Your Name] and review devices connected to your Apple ID. Remove any you don't recognize — someone may be monitoring your iCloud data remotely.

How to Safely Remove Stalkerware

Once you've identified stalkerware, here's how to remove it — but only proceed when you have a safety plan in place:

On Android

1. Revoke Device Administrator rights: Go to Settings > Security > Device Admin Apps, find the suspicious app, and deactivate its admin privileges. Without this step, the app may block uninstallation.
2. Revoke Accessibility access: Go to Settings > Accessibility and disable the stalkerware's access.
3. Uninstall the app: Go to Settings > Apps, find the stalkerware, and uninstall it.
4. Disable unknown sources: Turn off "Install from unknown sources" to prevent reinstallation.

On iPhone

1. Remove suspicious configuration profiles: Go to Settings > General > VPN & Device Management, tap the profile, and select "Remove Profile."
2. Update iOS: Updating to the latest version of iOS can remove a jailbreak and the stalkerware that depended on it.
3. Use Apple's Safety Check: On iOS 16 or later, go to Settings > Privacy & Security > Safety Check to review and reset all sharing and access permissions at once.

When in Doubt: Factory Reset

If you can't identify the stalkerware or aren't confident it's fully removed, a factory reset is the most thorough option. Back up photos and essential files first, but do not restore from a full backup — stalkerware can persist in backups. Set up your phone as a new device.

After Removal: Secure Your Digital Life

Removing the stalkerware is only the first step. The person who installed it likely has access to far more than your phone:

1. Change all your passwords: Every account — email, social media, banking, cloud storage. Use a password manager to generate strong, unique passwords. Start with email, since it's the recovery method for most other accounts.
2. Enable two-factor authentication (2FA): Turn on 2FA for every account that supports it. Use an authenticator app rather than SMS, since your text messages may have been compromised.
3. Sign out of all active sessions: In your email, social media, and cloud accounts, sign out of all devices and remove any you don't recognize.
4. Remove your data from people-search sites: Stalkers don't just use phone spyware — they also use data broker sites to find your home address, phone number, workplace, and family members' details. PrivacyOn removes your personal information from 100+ data broker sites and continuously monitors for reappearances, cutting off another surveillance channel that abusers exploit.
5. Review account recovery options: Make sure your abuser's email or phone number isn't listed as a recovery option on any of your accounts.

Resources and Support

If you or someone you know is experiencing technology-facilitated abuse, these organizations can help:

• National Domestic Violence Hotline: 1-800-799-7233 (call or text)
• Coalition Against Stalkerware: stopstalkerware.org — a partnership of advocacy groups and cybersecurity companies fighting stalkerware
• Safety Net project by the National Network to End Domestic Violence — technology safety resources for survivors

Stalkerware is not just a cybersecurity issue — it is a tool of abuse. Detecting and removing it is an act of reclaiming your autonomy and safety. Take every precaution, lean on trained advocates, and know that you deserve a life free from surveillance.