How to Detect & Remove Spyware From an Android Phone


How to detect spyware on an Android phone or tablet

Spyware is hidden by design, which makes it hard to detect. You aren’t going to see an icon on your list of apps titled “Spyware.” But there are other signs of infection that will help you locate spyware on Android devices.


To find out if your phone is tapped with a hidden spy app, look for:

  • Unexplained slowdowns or crashes. Apps take longer to load, your OS seems buggy, apps freeze, or your phone seems slower in general.
  • Battery and data drain faster. Spyware software runs quietly in the background, aiming to stay hidden, but it uses a lot of extra battery and data (when you’re not on Wi-Fi) in the process, which can result in a higher phone bill, too.
  • New or different apps or settings. Apps you don’t recall installing (including hidden Android apps), or changed settings like a new homepage or constant pop-ups, can indicate an infection.
  • Constant overheating. Normal phone usage causes some warmth, but malware can cause your phone to overheat much more than usual.

It can be tricky to diagnose the precise cause of these issues, because they could be due to another form of Android malware that needs to be removed. To make sure your phone isn’t infected with Pegaus spyware, follow our dedicated guide to Pegasus.

You also may need to speed up your Android or clean up your Android to improve problems with speed, battery, or overheating.


How to remove spyware from Android

If you suspect you have an infection, you should proceed with Android spyware removal right away. You want to remove spyware before it has a chance to expose your personal data to cybercriminals. Luckily, learning how to remove spyware from an Android phone isn’t too difficult — and you have a few options.


Option 1: Use a spyware removal tool

Unless you’re a malware expert, using a spyware removal tool is the best way to root out hidden spies and make sure you remove all traces. But be careful — you shouldn’t just go to the Google Play Store and download any old antivirus app.

There are many fake apps out there that are actually malware in disguise. Make sure you use a legitimate mobile security app from a reputable developer.

The free Avast One app includes one of the best spyware removers for Android in our free Avast Mobile Security app. It detects and removes all types of malware and prevents future infections. Here’s how to scan for spyware on your Android:

  1. Download and install Avast One. 

    Get it for PC, iOS, Mac

  2. Run an antivirus scan (Smart Scan) to detect spyware or any other forms of malware and viruses.Running a Smart Scan in Avast One for Android
  3. Follow the instructions from the app to remove the spyware and any other threats that may be lurking.

That’s all it takes to become spyware-free!

Option 2: Manually remove spyware

If you want to root out the issues on your own, here are the steps to take. First, you’ll need to reboot your phone into safe mode. Safe mode prevents all third-party apps from running, so you’ll be able to verify that your phone’s strange behavior is coming from spyware rather than a different issue.

  1. Hold down your phone’s power button to see your power off and restart options.Power off, restart, and airplane mode options in Android 7
  2. Long-press the Power off option and the Reboot to safe mode option will appear. Tap OK.Confirming the reboot into safe mode on Android 7
  3. You should be able to see that you’re in safe mode via the indication in the bottom left.Displaying safe mode on Android 7 in the left corner of the home screen
  4. Now it’s time to remove any suspicious apps that may be malicious. Open up your Settings and tap Apps or Apps & notifications depending on your version of Android.Viewing all of your downloaded apps in Android 7
  5. Sort through your apps and look for anything you don’t recognize. Once you identify the malicious app, tap Uninstall to remove it from your device. If you’re not sure, try Googling the name of the app to see if others have also had issues with it.Uninstalling a potentially malicious app in Android 7
  6. If the app is really sneaky, it may have device administrator permissions that prevent you from uninstalling it. In that case, you’ll need to remove the permissions. The process varies a bit depending on the type of phone you have and your version of Android, but you’ll need to navigate to Settings > Security > Advanced > Device Administrators.
  7. From the list of apps with device administrator permissions, uncheck the box next to the malicious app. This is also a good opportunity to check if any other suspicious apps have these permissions — if so, remove them as well.Removing device administrator permissions from any suspicious apps
  8. From the list that pops up, tap Deactivate this device admin app.
  9. Go back to your list of apps. Now you can uninstall the app that you weren’t able to before, along with anything else that looks suspicious.
  10. Restart your phone, boot it up in normal mode, and test it out.

Hopefully, you’ve removed the spyware and your phone now functions normally. If not, you may need to return to safe mode and experiment with deleting more apps or temporary files. To verify that you’ve removed the spyware, you can also perform an antivirus scan as described above.

If you suspect the spyware app might have been installed on your device by someone you know, reset your password and see if you can add extra security (like requiring a passcode or fingerprint to sign in).

If nothing works to fix your phone issues, your last option is to perform a factory reset.

Option 3: Perform a factory reset

If none of the options above works, you can perform a factory reset. A factory reset will delete everything on your phone, including the spyware. Make sure you have a backup of your phone before you do this to prevent losing your photos, apps, and other data. You’ll need to restore your phone to a backup from before you started experiencing the spyware issues.

Here’s how to wipe your device and return it to the default factory settings:

  1. Navigate to Settings > System > Reset options.
  2. Depending on which phone you have, tap Factory data reset or Erase all data (factory reset).img08Android 7's options screen for backing up and resetting the phone.
  3. Confirm by tapping Reset device.Android 7's factory reset screen, which confirms everything you'll be deleting.
  4. Your phone will ask you to confirm by typing your password or PIN.
  5. It will take some time to delete and reset everything, and your phone will then reboot as though it’s a new device.The welcome screen on Android looks the same as though the phone is new.
  6. Your phone will ask you if you want to start fresh or restore from a backup. If you use a backup, be careful to select one from before you started experiencing issues with your phone (in other words, make sure not to reinstall the spyware!).The initial setup procedures for an Asus phone running Android 7
  7. The spyware will be gone! Now consider installing an antivirus app antivirus app for Android to prevent future malware infections.

What makes spyware so dangerous?

Spyware is a particularly dangerous type of malware because it hides inside your device accessing your personal information without your knowledge. Malicious spyware is a serious threat, because it’s difficult to detect and can steal sensitive private data, such as usernames, passwords, banking details, credit card info, and location data.

Cybercriminals use malicious spying software to gain access to private data and track your behavior. Hackers can easily use data uncovered with spyware to commit identity theft, fraud, and other crimes.

(Want to skip straight to our steps for removing spyware? Jump down below to our spyware removal instructions.)

Spies usually record their subjects, and spyware is no exception. Depending on the type of spyware on your Android, it may be able to record audio or video through your device or track your browsing history or physical location. Special forms of spyware called keyloggers can even record everything you type.

When someone you know installs a spying app on your device without your permission or knowledge, it’s referred to as stalkerware. These types of apps are usually used by jealous partners, suspicious employers, or over-anxious parents.

Stalkerware is a little different than other types of spyware, because it doesn’t send your data to unknown cybercriminals but to someone you know personally. Stalkerware can be used for blackmail, extortion, or as a tool in domestic violence or abuse. As such, stalkerware is a very dangerous privacy violation.

On top of all that, spyware is designed to be invisible, which makes it hard to detect and remove.

Where does spyware come from?

Spyware can sneak onto your device in a few different ways:

  • Malicious apps. Though Google has a vetting process for the apps they allow into their Play Store, malware can sometimes slip through. For example, in 2019, Avast discovered eight stalkerware apps and reported them. Google removed the apps, but only after they had been downloaded 140,000 times.
  • Scams. Phishing and other email or SMS scams involve a cybercriminal impersonating a business or friend to trick their victim into downloading something malicious or revealing personal info.
  • Malvertising. Cybercriminals can insert malware into ads, which then get distributed through ad networks. If you accidentally click on an ad or a pop-up, you can download malicious code unwittingly.
  • Direct-to-device downloads. This is when someone gets physical access to your device and downloads stalkerware directly onto it. The spyware they place on your device may track your location or monitor your web activity and device usage. It might even be a keylogger that records everything you type.

Can all Android devices get spyware?

Spyware for Android phones is all too common and unfortunately all Android phones and tablets are vulnerable to a spyware infection. And while spyware isn’t a virus — it’s a different form of malicious software — phones can get many types of malware.

When it comes to other Android devices, like smartwatches, smart TVs, and other devices, the risk is much lower. While any device that has software and internet access is technically a potential target for malware, not all devices are equally likely to be targeted by cybercriminals. But this may change in the future, as the IoT sector becomes more and more popular.

Spyware for Android phones is all too common and unfortunately all Android phones and tablets are vulnerable to a spyware infection.

The idea of a hacker spying on, for example, all of your health data via your smartwatch is certainly unnerving. Luckily, smartwatches today essentially run as an extension of your phone. So if you properly secure your phone against spyware, your other devices should remain safe as well.

Remove spyware from other devices

It’s not just Android phones and tablets that can get spyware. See our other guides to learn how to get rid of spyware from all your devices.

Get spyware protection designed for your Android devices

Avast One gives you 24/7 protection against spyware infections, viruses, and other forms of malware. And you’ll easily detect infected apps and malicious links before they have a chance to affect your device.

Plus, get free VPN access, protection against data leaks and breaches, junk file removal, and so much more with Avast One