What Is Stalkerware? How to Find and Remove It

Obsessed exes can use stalkerware to turn your phones and PCs into listening devices that report everything you do. We show you how to protect yourself.

What if your phone calls, texts, FaceTime sessions, and GPS locations were being logged without your consent? What if they were all being sent to a tech-savvy stalker—often a former romantic partner or an abusively controlling current partner—who had gotten malware onto your phones, tablets, and PCs, effectively bugging them? That’s the unsettling job of stalkerware, a type of commercially available software designed to spy on victims without being detected.

Stalkerware can operate stealthily, so you probably wouldn't know if your devices had it installed. The apps are easy to find via a simple web search, too. According to researchers at Cornell University, apps marketed for non-nefarious purposes like device location or child monitoring are potential stalkerware in the wrong hands. We're here to help you understand what stalkerware is and how to remove it from your devices.


Is Stalkerware Legal?

Make no mistake: Stalkerware is a form of abuse. According to the Coalition Against Stalkerware (CAS), this type of software “may facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence.”

Stalkerware programs’ legality is vague in most countries. In many places, the software itself can be distributed legally. Using stalkerware to monitor someone, however, may be a punishable offense. The people who create stalkerware usually mention this in the terms and conditions, stating that you must not use the software in a manner that is illegal in the country or territory in which you live.

Stalkerware is often marketed as a way to spy on current or former romantic partners, but it can also be found packaged as child-monitoring software or employee-tracking solutions. Abusers can use seemingly innocuous utilities and built-in parental control apps like the “Find My” and Screen Time functions on Apple devices to monitor their partner’s whereabouts and activity. Google's Family Link application can be similarly used and abused by stalkers to track survivors or limit the sites they can access.


Who Else Is Listening to Your Phone? 

We asked Victor Chebyshev, a lead security researcher at Kaspersky, for some suggestions for uncovering stalkerware on devices. He said that malware of any kind is usually hard to find because it is designed to remain hidden and run in the background on a device.

That said, there are some signs you should look for when it comes to detecting stalkerware. First, take a look at your phone’s battery life. If the battery suddenly starts draining quickly, you may have some stalkerware running in the background.

If your phone or tablet constantly overheats, that’s another possible sign that a stealth program is running on it. You'll also want to examine your mobile plan's data reports. If you see very high data traffic growth within a short time period and haven’t changed your usage recently, stalkerware may have been installed on your device.

You should also check the app permissions settings on your phone. “Stalkerware applications may be disguised under a wrong name with suspicious access to messages, call logs, location, and other personal activity,” Chebyshev said.


How Do You Get Stalkerware?

Apple and Google claim that they don't allow known stalkerware apps in the App Store or Play Store, but some apps do manage to slip through their surveillance. Other apps can be side-loaded onto phones (meaning they are downloaded from the internet, not through the App Store or Play Store, and installed on the phone). Side-loading an app requires someone to have your phone in their physical possession, so if you’re having your phone repaired or set up by someone else, they may have the opportunity to install stalkerware.
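The permission check Chebyshev describes and the side-loading point above can be combined into one review pass on an Android phone. The following is an added example, not part of the original article: it parses a constructed, simplified sample of `adb shell dumpsys package` output (real field layout varies between Android versions) and lists apps that did not come from the Play Store yet hold several sensitive permissions. The package names and the two-permission threshold are assumptions.

```python
import re

# Permissions the article singles out: messages, call logs, location
# (microphone is added here as an assumption).
SENSITIVE = {
    "android.permission.READ_SMS": "messages",
    "android.permission.READ_CALL_LOG": "call log",
    "android.permission.ACCESS_FINE_LOCATION": "location",
    "android.permission.RECORD_AUDIO": "microphone",
}
STORE_INSTALLERS = {"com.android.vending"}  # Google Play Store

# Constructed sample, simplified from `adb shell dumpsys package` output.
SAMPLE = """\
Package [com.example.maps] (a1b2c3):
    installerPackageName=com.android.vending
    runtime permissions:
      android.permission.ACCESS_FINE_LOCATION: granted=true
      android.permission.READ_SMS: granted=false
Package [com.example.syncservice] (d4e5f6):
    installerPackageName=null
    runtime permissions:
      android.permission.READ_SMS: granted=true
      android.permission.READ_CALL_LOG: granted=true
      android.permission.ACCESS_FINE_LOCATION: granted=true
"""

def parse_packages(text):
    """Return {package: {"installer": str or None, "granted": set of permissions}}."""
    apps, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if m := re.match(r"Package \[([\w.]+)\]", line):
            current = apps.setdefault(m.group(1), {"installer": None, "granted": set()})
        elif current is None:
            continue  # ignore anything before the first package header
        elif m := re.match(r"installerPackageName=(\S+)", line):
            current["installer"] = None if m.group(1) == "null" else m.group(1)
        elif m := re.match(r"(android\.permission\.\w+): granted=true", line):
            current["granted"].add(m.group(1))
    return apps

def review_list(text, min_sensitive=2):
    """Apps worth a manual look: not store-installed, several sensitive grants."""
    flagged = []
    for name, info in parse_packages(text).items():
        hits = sorted(SENSITIVE[p] for p in info["granted"] if p in SENSITIVE)
        if info["installer"] not in STORE_INSTALLERS and len(hits) >= min_sensitive:
            flagged.append((name, info["installer"], hits))
    return flagged

if __name__ == "__main__":
    for name, installer, hits in review_list(SAMPLE):
        print(f"{name}: installer={installer}, access to {', '.join(hits)}")
```

A flagged app is a prompt for manual review, not proof of stalkerware: legitimately side-loaded apps will appear too, and a store-installed app can still be misused.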

There are also companies that sell low-cost fake iPhones. The dupes run modified versions of Android that look like iOS, and they come preloaded with malware. A stalker could gift one of these phones and exert any manner of control over another person from a distance.

It’s not easy to tell if you have a jailbroken iPhone. There are dubious apps on the market that claim to tell you whether your phone is jailbroken, but the best way to know your phone's history is to buy it yourself, directly from Apple.


How to Remove Stalkerware From Your Phone

One important note: a safety plan for the abuse survivor should be in place before removing stalkerware. The very act of getting rid of the software may encourage the perpetrator to escalate the situation and pose a safety risk. Also, consider preserving evidence of the stalkerware to pursue legal action. 

There are two ways to delete stalkerware from your device: Use security software to detect and delete the stalkerware or perform a factory reset on the phone. The factory reset will remove the offending app and take all the rest of your data with it, so you should back up your important data before using this tactic.

The advantage of the factory reset method is that you don't need to know whether you have stalkerware or even be able to detect it. If you suspect an abuser might have installed it on your phone, you can reclaim at least some of your peace of mind simply by performing this reset.


Your Computer Might Also Be Bugged

Chebyshev says stalkerware for desktops and laptops is rare, but it does exist. As with mobile devices, it's often packaged and sold as parental control or employee monitoring software. Of course, there are still old-fashioned keyloggers out there, too.

If you suspect your computer is infected with stalkerware, it’s best to use an antivirus tool to scan the computer and detect the software. Once the software is detected, antivirus software should also be able to help you remove the stalkerware. For persistent and hard-to-remove apps, you might also try downloading a free cleanup-only antivirus tool, such as Editors' Choice winner Malwarebytes Free.

If neither of these approaches works, you should go back to your main antivirus software and look for the Rescue Disk or a similarly named feature. This will allow you to make a disk image that creates a bootable USB or DVD with a built-in antivirus scanner. Because the rescue disk runs a non-Windows operating system, Windows-based malware can't resist it. Boot from the rescue disk and run a full scan of your drive. This should find and eliminate just about everything you might be facing.


Removing Stalkerware Is Just the First Step

You’ve found stalkerware on your device. You’ve removed the software. Now what? You'll want to take stock of any other ways people might be tracking you. Do you have any unexpected Apple AirTags in your car, your coat pockets, or your bags? You'll want to check. Apple is working on making them less easy for stalkers to exploit, but there is still potential for misuse.

You'll also want to tighten up the security on your devices now that they are clean. Password protect all your devices with new, strong, individual passwords. Immediately change the passwords for your email, social media profiles, banking, and any other important accounts, too. Use hard-to-guess passwords and keep them in a password-protected password manager. Do not let other apps store or save your passwords for you. Set up multifactor authentication for your accounts. You'll want to set up an authenticator app for most log-ins.

Make sure to keep your devices either with you, or physically secured. Having physical access to your devices can make a stalker's job easier.

Finally, if you believe you are experiencing stalking, spying, or any form of monitoring without your consent, visit the CAS Resources page to find local help and support groups.

About Kim Key