How to discover and destroy spyware on your smartphone (in pictures)
What is the difference?
Nuisanceware, also known as Potentially Unwanted Programs (PUP), often comes in software bundles together with legitimate, free programs. These types of software may take your data to sell to ad agencies but are not generally considered dangerous.
Spyware & stalkerware: These are dangerous and may steal content including photos and videos, intercept calls, allow you to be tracked via GPS, compromise conversations in apps such as Facebook and WhatsApp, and permit attackers to remotely control devices.
While spyware is a generic term for software able to perform these functions, stalkerware is a term coined for software used by attackers close to you.
Common forms of spyware and stalkerware
-SpyPhone Android Rec Pro: This spyware claims to offer "full control" over a smartphone's functions, including listening in to calls, intercepting SMS and MMS messages, sending activity reports to the operator's email address, and more.
-FlexiSpy: FlexiSpy markets itself using the slogan: "It takes complete control of the device, letting you know everything, no matter where you are."
-mSpy: mSpy for the iPhone allows users to monitor SMS messages, phone calls, GPS locations, apps including Snapchat & WhatsApp, and also includes a keylogger to record every keystroke made.
-PhoneSpector: Designed for both Android and iOS handsets, PhoneSpector claims to offer "undetectable remote access."
Spyera, SpyBubble, Android Spy, and Mobistealth are a few other examples of commercial spyware.
How does my device become infected?
Often, spyware and stalkerware require physical access to a victim's device. However, some commercial solutions will also send the victim a crafted, malicious SMS message, email, or link over social media. These messages will contain code which, if executed, will covertly install spyware apps.
What are the warning signs of spyware infection?
Your mobile device may demonstrate some signs of infection, such as randomly rebooting, suspicious OS or app behavior, as well as overheating and unexplained battery drain. However, it is important to remember that the core purpose of spyware is to remain undetected, and so there may be no symptoms at all.
How can I remove spyware?
The easiest option is simply to run a malware scan and keep a mobile antivirus solution on your device and up-to-date. However, this may not always be effective.
You should also make sure operating systems are running their latest version, and if you suspect infection, change all passwords on your online accounts and enable two-factor authentication (2FA). Making sure you have a PIN code or biometrics set up for smartphone access can also help, if you suspect the operator is close to you.
What about particular brands?
If you think the spyware below is on your device, these instructions may help:
-FlexiSpy removal: FlexiSpy may masquerade on Android devices under the name "SyncManager." If you find this app on your phone, try to uninstall it directly, and then restart your phone. However, it may also appear under another generic name, and so before deleting any apps, perform a search on the app name first.
-mSpy: To remove mSpy, instructions are here as long as you have physical access to the device. On the iPhone, you need to access Cydia, search "Installed" and look for "IphoneInternalService." Press modify and remove. Additional options to try are explained here.
If all else fails?
Performing a factory reset and clean install on the device you believe is compromised may help eradicate some forms of spyware and stalkerware. Unfortunately, however, some stalkerware services claim to survive factory resets.
So, failing all of that, consider ditching your device, as a physical object is not worth sacrificing your privacy for.