How to detect and remove spy apps from your Android and iOS devices
Recent testimony at a federal government committee revealed that the RCMP has been using “on-device investigation tools” (ODIT) or spy apps with judicial authorization. The ODITs access and export emails, text messages, microphone recordings, camera images, and other sensitive data from your smartphone.
Without restraint or court approval, various autocratic regimes have surreptitiously installed the sophisticated spy app Pegasus on the smartphones of opponents.
These revelations significantly increased interest in checking smartphones for spy app infections. Here are the answers to the most common questions about infrequent spy app infections.
What are the signs of a spy app on my smartphone?
The simpler ODITs, but not the more sophisticated ones, reveal themselves through one or more of the following signs:
- Lighting up or abnormal sounds when not in use.
- Surprising increase in data usage.
- Battery drain when not in use.
- Random reboots and shutdowns.
- Text or SMS messages you didn’t create.
- Suspicious files listed in the file manager you didn’t make.
- Sudden slowdowns in performance.
- Random pop-ups on the screen.
- Observable delay in shutdown.
Sophisticated ODITs can only be detected by the anti-spy apps discussed below.
How can I check my smartphone for spy apps?
Antivirus software vendors have expanded their software functionality to detect spy apps. The extent to which this software can detect the more sophisticated ODITs is debatable. This article rates some of the available software: 10 Best Spyware Removal Tools. These software packages vary in Android, iOS, Mac and Windows support.
For software to remove Android spy apps, consider one of these apps: 7 Best FREE Anti-Spy Apps for Android: Spyware Removal.
Android phone owners may find it practical to use the software built by TechCrunch: TechCrunch launches TheTruthSpy spyware lookup tool.
To better understand hackers’ ways of attacking smartphones, please view this slideshow: Has your iPhone been hacked?
Why are spy apps challenging to detect on a smartphone?
Antivirus software cannot detect the more sophisticated ODITs because they exploit zero-day vulnerabilities unknown to the developers of operating systems and antivirus applications.
ODIT infection indicators can be found in the device’s data transfer logs. The log contains information about emails, phone calls, SMS, IM messages, and other communications to a remote server. However, reading and interpreting data transfer logs requires specific software and considerable technical expertise. To learn more about data transfer logs, please read the applicable article:
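The following sketch is an added illustration of the log review described above; it is not part of the original article and is not code from any tool the article names. It assumes a simplified CSV export of outbound connections, a constructed indicator list of domains, and an assumed upload threshold. It flags connections to listed hosts and totals what each process sent while the screen was off.

```python
import csv
import io

# Constructed sample rows; the column layout is an assumption, not a real device log format.
SAMPLE_LOG = """\
timestamp,process,remote_host,bytes_sent,screen_on
2022-08-01T02:14:07,com.example.mail,imap.mail.example,1820,0
2022-08-01T02:15:31,com.example.helper,a1.updates-cdn.example.net,412000,0
2022-08-01T02:16:02,com.example.helper,A1.Updates-CDN.example.net.,230500,0
2022-08-01T02:20:45,com.example.browser,notupdates-cdn.example.net,900,1
2022-08-01T02:21:10,com.example.mail,imap.mail.example,not-a-number,0
"""

# Constructed indicator list (placeholder domain under a reserved example name).
INDICATOR_DOMAINS = {"updates-cdn.example.net"}
# Assumed threshold: bytes sent with the screen off before a process is flagged.
UPLOAD_THRESHOLD = 500_000


def host_matches(host, indicators):
    """True if host equals an indicator domain or is a subdomain of one."""
    host = host.lower().rstrip(".")  # normalise case and a trailing root dot
    return any(host == d or host.endswith("." + d) for d in indicators)


def review(log_text, indicators=INDICATOR_DOMAINS, threshold=UPLOAD_THRESHOLD):
    """Return (indicator hits, processes with heavy screen-off uploads)."""
    hits = []
    idle_upload = {}
    for row in csv.DictReader(io.StringIO(log_text)):
        try:
            sent = int(row["bytes_sent"])
        except (TypeError, ValueError):
            continue  # skip truncated or malformed rows instead of aborting
        if host_matches(row["remote_host"], indicators):
            hits.append((row["timestamp"], row["process"], row["remote_host"]))
        if row["screen_on"] == "0":
            idle_upload[row["process"]] = idle_upload.get(row["process"], 0) + sent
    heavy = {p: n for p, n in idle_upload.items() if n >= threshold}
    return hits, heavy


if __name__ == "__main__":
    indicator_hits, heavy_uploaders = review(SAMPLE_LOG)
    for hit in indicator_hits:
        print("indicator match:", hit)
    for process, total in heavy_uploaders.items():
        print("screen-off upload:", process, total, "bytes")
```

A match on a label boundary only (the `"." + d` check) keeps a lookalike such as `notupdates-cdn.example.net` from being reported as a hit.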
How are spy apps installed?
More sophisticated ODITs are installed remotely without the smartphone owner ever having to open a document or click on a website link. Typically, the silent installation occurs through a zero-click attack that exploits vulnerabilities in apps like Apple’s Messages or Meta’s WhatsApp.
Simpler ODITs are installed directly on the smartphone by briefly stealing it from the owner.
Can I prevent the installation of spy apps?
The Apple App Store, Google Play and even websites for side-loading apps pride themselves on simple app installations. This ease of use makes preventing the installation of spy apps impossible.
Apple now offers a Lockdown Mode in iOS 16 to thwart spy apps. How successful this feature will be remains to be seen.
To reduce the risk of spy apps on Android, block unverified apps in Settings. On Google Play, ensure Play Protect is enabled.
Are there legitimate uses for spy apps?
The functionality of spy apps goes well beyond the Apple Find My iPhone or the Google Find My Device app. Spy apps are helpful for:
- Parents to monitor smartphone usage by their children.
- Organizations to monitor smartphone usage by their employees.
Hopefully, parents and organizations will be transparent about their insistence on spy apps and compliant with applicable privacy laws.
If you want to use a spy app to spy on someone else, you can evaluate the available software by reading 12 Best Spy Apps for Android Without Access to Target.
Can sophisticated spy apps be detected on a smartphone?
Amnesty Tech has developed a utility that identifies sophisticated ODITs. It is called Mobile Verification Toolkit (MVT), and its source code is available on GitHub. Amnesty Tech is part of the human rights organization Amnesty International.
MVT runs on Android and iOS. However, MVT preparation and installation are complex and require considerable expertise. MVT must be compiled for a specific device. That can be done only on a computer with Linux or macOS.
The software package iMazing, running on a Mac, among many other features, can detect Pegasus on a connected iPhone or iPad.
What is Pegasus?
Pegasus is the name of the most widely known sophisticated ODIT and the latest example of how vulnerable we are to digital spying. It achieved widespread awareness and notoriety when it was discovered on the Android and iOS smartphones of prominent politicians, human rights activists and journalists. Many have speculated that various autocratic regimes installed Pegasus on these phones.
The Israeli cyber-surveillance company NSO Group developed Pegasus. NSO Group claims its spy app is only used to “investigate terrorism and crime” and “leaves no traces whatsoever.” However, the Forensic Methodology Report, produced by Amnesty International, shows that neither of these statements is true.
This article should help you better secure your smartphone and remove most spy apps.
Yogi Schulz has over 40 years of information technology experience in various industries. Yogi works extensively in the petroleum industry. He manages projects that arise from changes in business requirements, the need to leverage technology opportunities, and mergers. His specialties include IT strategy, web strategy and project management.
© Troy Media
Troy Media is an editorial content provider to media outlets and its own hosted community news outlets across Canada.