Covert phone surveillance apps – also known as stalkerware or spyware – are a growing digital threat. These hidden apps are installed on smartphones to secretly monitor the victim’s activities, communications, and location. Such software is often marketed as parental control or employee monitoring tools, but in reality they are frequently used by abusive partners or others to spy on iPhone and Android users without consent.

Below is a comprehensive overview of the most common spy apps in 2025, their capabilities, how they are installed (with or without rooting/jailbreaking), and detailed steps to detect and remove them on both Android and iOS devices.

Popular Spyware Apps in 2025 and Their Capabilities

Note: These apps typically run in stealth, hiding their icon and disguising themselves as system services. They can harvest a wide range of personal data from the target device.

Cross-Platform Spy Apps (Android & iPhone)

• mSpy:
  One of the best-known spyware brands, mSpy is marketed for parental control but widely misused for spying. It logs call history, text messages, emails, and browsing history, tracks GPS location, and monitors popular social media and chat apps (WhatsApp, Facebook, Instagram, etc.). mSpy can even record keystrokes on the device and take periodic screenshots. On iPhones it offers a “no-jailbreak” option by using the target’s iCloud backups (no software on the phone), while full features on a jailbroken iPhone or rooted Android include real-time monitoring of apps like WhatsApp and Snapchat. It runs hidden in the background (no home screen icon) and continuously syncs data to an online dashboard for the person spying.
• FlexiSPY:
  A highly invasive spy app that bills itself as “the world’s most powerful” monitoring software. FlexiSPY can intercept and record live phone calls (unique among spy apps), monitor all communications (calls, SMS, emails, chats) on the device, activate the microphone for ambient listening, track GPS location, log keystrokes, and steal photos/videos. It effectively takes complete remote control of the phone or tablet. FlexiSPY is 100% hidden and requires the device to be rooted (Android) or jailbroken (iPhone) for installation. Once installed, it runs at a deep system level – security firms have labeled FlexiSPY as malware given its ability to steal data and remotely control devices without user knowledge.
• Spyera:
  Another full-featured spyware app similar to FlexiSPY. Spyera works on Android, iOS, Windows, and Mac, providing call tapping and recording, ambient listening via microphone, keylogging, GPS tracking, and monitoring of texts, emails, and IM chats. It can even secretly record the phone’s surroundings and upload the audio. Spyera runs in stealth mode and typically requires rooting or jailbreaking for the most advanced features. Note: Many users report unreliable performance and poor support for Spyera despite its broad capabilities.
• XNSpy:
  An espionage app often promoted for employee monitoring, but also used in stalkerware incidents. XNSpy offers GPS location tracking, call logging, reading of SMS and messenger chats, access to contacts and media, and even remote microphone activation. It can monitor social media apps and record keystrokes as well. XNSpy is available for both Android and iPhone; full surveillance features may require rooting/jailbreaking, although it also leverages accessibility services on standard Android installs. Researchers frequently flag XNSpy in stalkerware reports due to its invasive capabilities.
• uMobix:
  A newer entrant known for deep device access. uMobix supports Android and iOS, claiming to monitor nearly all device activities in real time – including calls, texts, chat apps, location, photos, and more. On Android it can leverage accessibility to capture social media chats and even live screen streaming, while on iPhone it uses iCloud backup syncing (no jailbreak needed) for a subset of data. uMobix runs hidden and does not require root for basic features, though some advanced functions (like certain messenger logs or camera activation) may only work on rooted devices. It is marketed for parental use but effectively functions as spyware with full stealth.
• eyeZy:
  A cross-platform spy app advertised as a “next generation” phone tracker. eyeZy can track SMS, call logs, emails, GPS location, web browsing, and messages on apps like WhatsApp, Facebook, Snapchat, etc.. It also includes a keylogger to capture everything typed. In practice, eyeZy’s capabilities are robust on paper – however, tests have found that many advertised features may not work reliably. It operates hidden on the device. eyeZy does not strictly require root/jailbreak for installation; on Android it uses the usual trick of abusing permissions (accessibility, device admin) to gather data without root.
• Cocospy and Spyic:
  Cocospy (and its close variant Spyic) are popular mobile spyware apps that offer remote monitoring of calls, texts, contacts, browser history, and messaging apps. They are slightly less comprehensive than the top-tier spy apps – for example, Cocospy can monitor WhatsApp messages, call logs and set GPS geofence alerts, but it lacks more extreme features like call interception or ambient recording. These apps emphasize ease of use and stealth. They typically do not require rooting; instead they ask for broad permissions on Android, or iCloud credentials for iPhone monitoring. Cocospy/Spyic run hidden and are often sideloaded (since they aren’t in official app stores).
• Highster Mobile:
  An older but still-active spy app that works on Android and iPhone. Highster Mobile enables remote access to texts, call logs, GPS location, photos, and more on the target device. It advertises support for monitoring social media and messaging apps as well. Notably, Highster requires a rooted Android for installation (which both voids the warranty and increases the risk of detection). Users have reported that Highster often fails to perform as advertised, with many features not functioning and poor customer support. Nevertheless, if successfully installed, it operates covertly to harvest data.
• KidsGuard Pro (by ClevGuard):
  A commercial “parental control” app with versions for Android and iOS. KidsGuard Pro can track call history, SMS, live GPS location, and even record the device’s screen. It monitors popular chat apps (WhatsApp, WeChat, Snapchat, etc.) and can set keyword alerts (notifying the spy if the user types or receives certain words). On Android, KidsGuard abuses the Accessibility service to capture keystrokes and messages (it was caught masquerading as a “Device Health” service in settings). On iOS, KidsGuard’s capabilities are more limited (relying on iCloud syncing of logs). It runs in stealth, and does not require root or jailbreak for its basic monitoring, making it a favored tool for non-technical spies.
• SpyBubble:
  An espionage app that explicitly markets itself for catching a cheating spouse. SpyBubble claims to track SMS, emails, phone call logs, and even encrypted messengers like Signal. It also offers remote device control features – for instance, the ability to block certain contacts or apps on the target phone. SpyBubble runs hidden and supports both Android and iPhone (with iCloud-based monitoring on iOS). Its feature set includes location tracking and possibly ambient recording, though like many such apps its reliability is questionable. SpyBubble’s promotion of spying on partners without consent is illegal in many regions, highlighting its intended (abusive) use-case.
• iKeyMonitor:
  A specialized spyware app known primarily for its keylogging abilities. iKeyMonitor works on jailbroken iPhones and on Android devices, capturing every keystroke typed (including passwords, messages, search queries). In addition, it can log SMS, call details, GPS location and take periodic screenshots. On Android it may also record calls or surroundings. iKeyMonitor often operates as a hidden keylogger that users deploy to secretly record everything typed on the phone. It requires root (Android) or jailbreak (iOS) to unlock its full set of features (especially on iOS, where it’s one of the few keylogger options). Once installed, it hides in the background and sends logs to the abuser’s account.
• Other notable mentions:
  Spyzie (a once-popular spy app, now largely discontinued or rebranded), Hoverwatch (an Android/Windows/Mac spyware that records calls, texts, camera photos, and tracks virtually all messaging apps), and Bark/Qustodio/Life360 (legitimate family safety apps that can be misused for stalking). Additionally, some spyware is sold under different names or white-label brands; many have overlapping capabilities. All of these tools aim to remain invisible and collect as much private data as possible from the device.

Android-Only Spy Apps and Tools

• TheTruthSpy (and variants):
  TheTruthSpy is a free Android spy app that offers many features of paid spyware. It can track GPS location, record calls, read text messages, and monitor certain chat apps like Viber or Snapchat. It runs stealthily and has been circulated on various hacker forums. TheTruthSpy gained notoriety in 2022 when a serious vulnerability exposed its entire customer data stash to hackers – underscoring the risk of these apps leaking stolen data. (Related clones include Copy9 and others, which are essentially repackaged versions of TheTruthSpy.) Installation typically requires enabling “Unknown Sources” on the Android device and granting extensive permissions.
• AndroidLost:
• Originally an anti-theft app, AndroidLost has been repurposed as spyware because of its powerful remote control features. Once installed on an Android phone, it can read all SMS messages and remotely control the device – for example, it can secretly take photos with the camera, send spoofed messages, forward calls, and more. It essentially allows a stalker to issue commands to the phone as if they had it in hand. AndroidLost used to be on Google Play but was removed due to abuse concerns. It must now be sideloaded and hidden manually.
• TrackView:
  TrackView is a phone app that turns a device into a remote surveillance camera and GPS tracker. It is designed for family tracking (available even on Play Store), but when misused it becomes covert spyware. With TrackView, an abuser can remotely access the phone’s microphone and cameras to spy on surroundings in real time, track the phone’s location, and get motion or sound alerts. Kaspersky reported that TrackView was the most commonly detected mobile spy tool worldwide in 2023, involved in thousands of stalkerware incidents. While it lacks keylogging or text interception, TrackView’s ease of use and legitimate veneer make it popular among non-technical spies.
• Cerberus:
  Cerberus is another app originally meant for phone anti-theft, but flagged in stalkerware statistics. If installed with the right options, Cerberus hides on the device and allows remote control via web or SMS commands. An abuser can track GPS location, grab call logs, SMS, and even record audio or take pictures using Cerberus. It requires manual installation (it’s no longer in app stores) and often needs device admin privileges. Cerberus exemplifies how apps that don’t explicitly market as “spy apps” can still be used for covert surveillance.
• Reptilicus:
  A spy app prevalent in some regions (the name suggests Russian origin), Reptilicus is frequently detected in the wild. It operates only on Android and offers the usual array: intercepting texts, call audio recording, live GPS tracking, access to photos, and even recording ambient sound. Reptilicus often spreads via illicit marketplaces. Like others, it hides its icon and runs at startup to ensure continuous spying. Security reports listed “Reptilic” (Reptilicus) among the top five stalkerware apps globally by usage.

(The above lists are not exhaustive – there are dozens of such apps in circulation. However, the apps named are among the most common and active in 2025 for spying on mobile devices.)

Installation Methods: Rooted/Jailbroken vs. Non-Root Surveillance

Surveillance apps often require elevated device access to fully spy on someone. Many of the advanced capabilities (recording calls, reading other apps’ messages, keylogging, etc.) only work if the attacker can bypass the built-in security of the OS. This is typically done in one of two ways:

• Rooting (Android) or Jailbreaking (iPhone):
  This is the process of removing the operating system’s security restrictions. Spy apps like FlexiSPY and Spyera explicitly state that you must root or jailbreak the device to install them or unlock their most powerful features. A rooted/jailbroken phone allows the spyware to gain deep system privileges, meaning it can hook into calls, intercept messaging databases, and remain more hidden (sometimes even persisting across factory resets in extreme cases). Example: On a jailbroken iPhone, an app can run continuously in the background and hide from the app list, which would be impossible under Apple’s normal sandbox. Jailbreaking an iPhone or rooting an Android greatly expands what spyware can do – but it also leaves more evidence (the device shows signs of being tampered, and advanced security tools can detect this state).
• Non-Root (Standard) Installation:
  Many modern stalkerware apps have adapted to work on non-rooted Android devices by abusing legitimate permission features. On Android, this often means exploiting Accessibility Services and the device admin APIs to gain broad access without true root. For example, the spyware will prompt for accessibility permissions, which allow it to read screen content and keystrokes (capturing messages from other apps). It might also request to be a Device Admin app, preventing easy uninstallation and enabling remote control capabilities. While not as powerful as root access, this method still lets the spyware log a lot of data (notifications, texts, call logs, etc.) with fewer installation hurdles. On iOS (iPhones without jailbreak), spyware cannot be installed as an invisible app due to Apple’s restrictions. Instead, “no-jailbreak” iPhone spyware relies on cloud backups – the attacker must know the target’s iCloud credentials, then the spyware service pulls down iCloud backup data (messages, photos, contacts, etc.) periodically. Another non-jailbreak iOS method is abusing Apple’s Mobile Device Management: an abuser with brief access to the phone could install an MDM configuration profile that grants remote monitoring of some aspects (like location and app usage). However, non-jailbroken iPhone monitoring is far more limited than on a jailbroken device – typically only providing indirect access to synced data, not real-time spying.

In summary, root/jailbreak yields the most invasive spying (at the cost of a more complex install), whereas non-root methods rely on social engineering (getting the victim to accept a malicious profile or permissions) and have slightly reduced capabilities. Many spyware vendors offer both options: e.g. mSpy lets you choose between a full-install (requiring jailbreak) or a limited no-jailbreak/iCloud version. Regardless of method, the spyware installer almost always needs physical access to the phone for a few minutes to sideload the app or configure the device (remote installation is rare, though phishing-based methods exist in theory).

Detecting Spy Apps on Android Devices

Despite their stealth, spyware apps can often be uncovered with careful inspection. If you suspect your Android phone is being spied on, use the following technical methods to detect hidden spy apps:

• Unusual Battery or Performance Signs:
  If your phone is running warmer than usual, lagging, or the battery is draining abnormally fast, it could indicate a spyware app working in the background. Constant GPS tracking, audio recording, or data transmission by stalkerware will consume extra battery and CPU. Check Settings > Battery to see if any unknown app or service shows significant usage. Similarly, monitor your data usage – many spy apps upload large amounts of data; unexplained spikes in mobile data (hundreds of MB or more) could be a red flag.
• Presence of Strange or Disguised Apps:
  Spyware often masquerades under innocent names like “System Service”, “Device Health”, or “Security Settings” to avoid suspicion. Go to Settings > Apps (or App Manager) and review the full list of installed applications (including system apps). Look for anything you don’t recognize or that sounds oddly generic. For example, an app simply named “Accessibility” or “Device Admin” should not normally be present. In Android settings, scrolling to the bottom of the app list may show custom-installed apps. If an app has no icon or uses a very generic icon and name, investigate it. (You can also use ADB or specialized tools to list all installed packages, if you are technically inclined.) Any unfamiliar app is cause for concern – Google it or compare it against known spyware names (see the list above). If confirmed malicious, plan to remove it (as described in the removal section below).
• Check Accessibility Services:
  Since many stalker apps abuse Android’s Accessibility Service, check Settings > Accessibility > Installed Services. If you are not actively using any accessibility app (screen reader, etc.), this list should ideally be empty. Disable any service that you did not enable yourself, especially those with vague names. For instance, seeing “KidsGuard” or “System Service” listed as an accessibility service is a strong indicator of spyware. Turning it off will stop the app from snooping via accessibility (though the app may attempt to persuade the user to re-enable it through fake warnings).
• Check Notification Access:
  Similarly, go to Settings > Apps > Special App Access > Notification Access. See if any unknown apps have permission to read your notifications. Spyware often requests notification access to capture incoming messages and alerts from other apps. In this menu, you might spot a fake “Service” that is allowed to read notifications. Revoke notification access for any suspicious entry. Normally, only apps like Android Auto or wearable device apps might legitimately appear here – a random service should not.
• Device Admin Apps:
  Some Android spyware installs itself with Device Administrator privileges to prevent easy removal and gain deeper control. Check Settings > Security > Device Admin Apps (the menu might be under “More security settings” on newer phones). If you see an admin app that you don’t recognize or that shouldn’t be there (e.g. an app called “System Update” or “Security Service” that isn’t from Google), that is likely the spy app. Disable (deactivate) the admin permission for it. Most regular users will have zero apps in this list (or just Google’s Find My Device). Any extra entry is suspicious.
• Hidden Apps in App Drawer:
  Some spyware hides its icon from the home screen launcher. However, you can go into the App Drawer or App Library and enable viewing of all apps, or use the Settings > Apps list as mentioned. Certain phone models also allow searching for apps in settings by name. If you know specific spyware names, try searching your device for terms like “spy”, “monitor”, “stealth” or known app names (“Flexi”, “mSpy”, etc.). Keep in mind the app may use a different name to hide (for example, TheTruthSpy might install under the package name “fm.sketch” or similar). If nothing obvious is found but suspicion remains high, consider using an anti-malware scanner (see below).
• Unusual Permissions and Behaviors:
  Even if you can’t see a rogue app directly, there are clues. Check Settings > Privacy > Permissions Manager (or on older Android, Settings > Apps > [app name] > Permissions) for any oddities. If a system-sounding app has access to your SMS, microphone, camera, location, contacts, or storage, that’s a red flag. For instance, a fake “Device Health” app with permission to track your location or record audio is certainly malicious. You may also notice the device staying active (screen waking up briefly) at odd times, or hear background noises during calls (if calls are being recorded or intercepted). These subtle signs should prompt a closer look.
• Security Scans:
  Use a reputable mobile security app that specifically detects stalkerware. Many antivirus apps now flag common spyware signatures (often labeled as “Monitor” or “Not-a-Virus” threats). For example, apps like Kaspersky, Malwarebytes, Certo, or Incognito Anti-Spy can scan your device for known spyware fingerprints. Ensure Google Play Protect is enabled as well, as it can sometimes warn about known harmful apps. Note: If you believe your safety could be compromised by a partner discovering you ran a scan or found spyware, proceed carefully (have a safety plan). But technically, these tools can help confirm the presence of a spy app.

Detecting Spy Apps on iPhone (iOS) Devices

Apple’s iOS has a more locked-down ecosystem, making spyware harder to install – but not impossible. If you suspect an iPhone is being monitored, perform the following checks. Many are aimed at revealing signs of jailbreak or configuration profiles that enable spyware, since outright spyware apps can’t run on a non-jailbroken iPhone without leaving traces.

• Look for Unfamiliar Apps or Icons:
  On a normal (non-jailbroken) iPhone, any spyware must either be using an Apple-provided method (like an MDM profile) or be a hidden app using enterprise certificates. Go through your App Library and home screens to see all installed apps. If you see an app you don’t remember installing (especially with a nondescript name like “Wifi” or a random utility), investigate it. Also check Settings, scroll down to where third-party apps are listed; every installed app (even hidden ones) should appear there for settings. If something is present that you cannot identify, that could be the spy tool. Note: On jailbroken devices, spyware may hide its icon entirely. But you might still see clues in Settings or the iPhone Storage list. Any completely unknown app should be considered suspicious.
• Battery and Data Usage Anomalies:
  Similar to Android, an iPhone constantly running spyware might have significant battery drain or data usage. Check Settings > Battery for unusual activity – if an app or process with no name (or a strange name) shows high background activity, that’s a warning sign. Likewise, in Settings > Cellular (Mobile Data), review the data usage by app. Spyware might try to hide by not showing a name here, but total data consumption could be high. If your monthly data usage seems far higher than expected and you can’t attribute it, spying could be a cause (especially if large chunks of data are uploaded when you’re not using the phone).
• Privacy Permissions Check:
  iOS lets you see which apps have access to sensitive sensors. Go to Settings > Privacy & Security and inspect categories like Location Services, Camera, Microphone. If you spot an unfamiliar app in the list that has access to your location “Always” or uses the mic/camera, that is a huge red flag. For example, if “(Unknown)” or some odd app is listed as having camera access, spyware could be using it to spy. You should revoke any suspect permissions (set to “Never” for location, or toggle off camera/mic). While this won’t remove the spyware, it can cripple some of its functions until you can fully remove it.
• Apple ID/iCloud Security Alerts:
  Many iPhone spyware solutions rely on iCloud access rather than an on-device app. If someone has your Apple ID credentials, they might be receiving your data remotely. Apple will sometimes send emails or push notifications about new sign-ins to your iCloud or device backups being accessed. Check your iCloud account email for any notices of logins that weren’t you. Also, go to Settings > [Your Name] > Password & Security, and see the list of devices on your Apple ID. If there’s a device you don’t recognize, someone might have added their hardware to your account to sync your data. Unlink any unknown devices. Suspicious login alerts from Apple (especially referencing locations or devices that are not yours) are a strong indicator that your iCloud is compromised.
• Signs of Jailbreaking:
  Because installing true spyware on iOS almost always requires a jailbreak, check if the device is jailbroken. The obvious tell is the presence of apps like Cydia, Sileo, or Installer – these are unofficial app store apps used on jailbroken iPhones. Use the iOS search (swipe down on home screen) to search for “Cydia” or “Sileo” by name. If you find them (not as web results, but as an actual app), the iPhone is jailbroken, which means spyware could be deeply implanted. Even if those aren’t visible, other jailbreak hints include unusual behavior like apps that shouldn’t be allowed (e.g. a theming app), or the ability to see a file system browser on the device. If you suspect a jailbreak, that alone is cause for alarm – an iPhone should not be jailbroken without the owner’s knowledge, and it likely means spyware or unauthorized apps are installed.
• Check for Configuration Profiles / MDM:
  Navigate to Settings > General > VPN & Device Management (on some iOS versions it might say “Profiles & Device Management”). If your device is not supposed to be managed by any organization, you normally should not see any profile installed. If you do see a Configuration Profile or Mobile Device Management profile listed that you didn’t install yourself, this could be a spy configuration. Spyware like Spyine or others have been known to use MDM profiles to gain access under the guise of a corporate device management. Tap on any listed profile to view details – if it’s not something you recognize (like your workplace or school), that’s a sign of compromise. The profile could allow the installer to remotely track location, install apps, or enforce settings without your consent.
• iTunes Wi-Fi Sync Abuse:
  Some desktop-based iPhone spyware (e.g. certain variants of mSpy/Highster) have abused the iTunes Wi-Fi Sync feature to constantly fetch device backups. Check on your iPhone under Settings > General > iTunes Wi-Fi Sync (this appears if your phone has been set to sync with a computer). If you see a computer name that you don’t recognize authorized for Wi-Fi Sync, that means at one point your iPhone was connected and set to sync to that computer’s iTunes over Wi-Fi. An attacker could use this to automatically receive your phone’s backups (which include messages, call logs, etc.). If something is listed there that shouldn’t be, you can remove/disable it by connecting your iPhone to iTunes/Finder on a trusted computer and turning off Wi-Fi sync for all devices. In general, if you’re not intentionally using Wi-Fi Sync, there should be no such entry visible.
• General Device Behavior:
  Keep an eye out for other abnormal behaviors. Does the screen light up for no reason or show weird flickers (a sign of remote screenshot or camera activation)? Do you hear background noises during calls, or do calls drop unexpectedly (possible interception attempts)? Also, if the phone is overheating while idle, or you find new entries in your Safari history (some spyware might momentarily open browser for certain tasks), these indirect hints can further support your suspicions. Apple has a “Safety Check” feature (in iOS 16+) under Privacy > Safety Check, which is designed to quickly review and reset sharing access – running this can disable sharing of your location or data with any third-parties, which is useful if an abuser set up Find My or shared calendars/notes to spy on you.
• Use a Mobile Security Scanner:
  While iOS doesn’t allow traditional antivirus apps to scan the system, there are security tools like Certo iPhone, iMazing (desktop software), or Clario Anti-Spy that can check for known indicators of compromise. For example, iMazing’s 2025 update includes enhanced spyware detection by analyzing an iPhone backup for traces of stalkerware or Pegasus-like spyware. These can detect jailbreaks, suspicious profiles, or known malicious files. Running such a scan can be helpful if you have access to a computer. Keep in mind these tools might cost money or require connecting your phone to a PC/Mac, but they provide an extra layer of confirmation.

Removing or Disabling Spyware Apps on Android

Once you have identified (or strongly suspect) a spyware app on your Android device, you should remove it carefully. Important: Removing the app will likely immediately stop the data flow to the spy, but it may also alert the perpetrator (many spyware dashboards will show the device as offline). Consider your personal safety before removal – if you’re in an unsafe situation, you might want to consult authorities or a support organization first. Assuming it’s safe to proceed, here are the steps:

1. Prepare for Removal:
   If possible, disconnect from the internet (turn on airplane mode) before removing the app – this can prevent the spyware from sending a final alert to the controller. You should also enable Google Play Protect (in the Play Store menu > Play Protect) and run a scan. Play Protect or a third-party security app might identify the stalkerware by name and give an option to uninstall. Additionally, it’s wise to take screenshots or notes of the suspicious app’s presence (for evidence) before deletion, if you plan to report it.
2. Revoke Administrator Rights:
   If the spyware was set as a Device Admin, you must remove that privilege first. Go to Settings > Security > Device Admin Apps, find the suspect app, and tap Deactivate or Remove admin. This will prevent the app from blocking uninstallation. If you cannot uncheck it because the option is grayed out, try booting into Safe Mode (most Androids enter safe mode by holding the power off option, which disables third-party apps temporarily). In safe mode, you should be able to revoke the admin setting.
3. Force Stop and Uninstall:
   Next, go to Settings > Apps (or Apps & Notifications) and locate the spyware app. It might be under its fake name (e.g. “System Service”). Tap it, choose Force Stop (to ensure it’s not running), then tap Uninstall. In some cases, the uninstall button might be hidden or the app might have attempted to gain “Install unknown apps” permission to reinfect – but simply pressing uninstall should remove it if admin rights were cleared. If it asks for any confirmation, proceed. Once uninstalled, reboot the phone.
4. Check for Residual Files/Apps:
   After reboot, double-check the areas from the detection phase. Ensure it’s gone from the Apps list, Accessibility, notification access, etc. Occasionally, spyware can install a secondary component or scheduler. Look for any other odd apps that appeared around the same time. If found, remove those as well. It’s also a good idea to clear your download folder or any APK files that might be the installer, so it can’t be accidentally reinstalled.
5. Update Phone’s OS and Google Services:
   It’s wise to update your Android OS to the latest version after removal. This patches any known vulnerabilities that spyware might have exploited to gain persistence. Also update all your apps from the Play Store. This ensures you have the latest security fixes (and if the device was rooted without your knowledge, updating may un-root or close that breach).
6. Password Hygiene:
   Because spyware could have recorded your keystrokes or passwords, change the passwords to your important accounts (Google account, email, banking, social media) after removal. Do this from a clean device if possible. Also enable two-factor authentication to prevent the spy from regaining access. Check your Google account’s device/activity logs for any unknown logins just in case.
7. Factory Reset as Last Resort:
   If removal proves difficult (for example, you can’t find the app but strongly suspect it’s there, or it immediately reinstalls itself), a full Factory Reset will wipe the phone. This will remove any spyware for sure. Backup your important data first (but do not simply re-import all apps from a potentially infected backup). After the reset, set up the phone as new and be cautious with what you restore. This is a drastic step but guarantees the phone is clean. Keep in mind, if the phone was rooted, factory resetting might not remove root; you may need to re-flash the official firmware to fully secure the device.
8. Post-Removal Monitoring:
   After you believe it’s gone, stay vigilant. Notice if battery life improves and data usage drops back to normal – it should if the spyware was the culprit. Continue to periodically check the settings we discussed (accessibility, etc.) to ensure nothing sneaks back. And of course, secure access to your device: use a strong PIN/password or biometric lock so an adversary cannot easily reinstall spyware.

(If you removed a spyware app, you may consider keeping some form of anti-spyware app on your phone for a while. Apps like Certo Mobile Security or Kaspersky Mobile can run in the background to alert if known spyware is reinstalled. Just be aware of the risk that the person who planted the spyware may realize it’s gone – have a safety plan in case of any escalation in real life.)

Removing or Disabling Spyware on iPhone (iOS)

Removing spyware from an iPhone largely centers on securing your Apple account and undoing any jailbreak or configuration changes that were made. Here are the steps to thoroughly disable iPhone surveillance:

1. Change Your Apple ID Password:
   Do this immediately. If someone was using your iCloud credentials to monitor you (no physical app on the phone), changing the password will cut off their access. On your iPhone, go to Settings > [Your Name] > Password & Security > Change Password. Choose a strong new password that the stalker cannot guess. This will forcibly sign out any devices that were logged into your iCloud (including any spyware service pulling your backup). Tip: Also remove any trusted phone numbers in your Apple ID two-factor settings that belong to the abuser, and do set up two-factor authentication on your Apple account if not already enabled.
2. Remove Unknown Profiles or Device Management:
   Go to Settings > General > VPN & Device Management. If there is any profile or MDM listed that shouldn’t be, tap it and choose Remove Profile. You may need to enter your device passcode to confirm. This will remove any remote management setup from your phone. After removal, also delete any related apps that may have been installed via the profile.
3. Delete Suspicious Apps:
   Press and hold on any app you identified as suspicious until it jiggles, then tap the “X” (or “Remove App”) to uninstall it. On newer iOS, you might do this through the App Library as well. If the device is jailbroken, you might see non-App Store apps that won’t delete normally – in that case, the next step (iOS update) is crucial. Note: If your phone was jailbroken, the spy app might not appear as a normal icon at all; you would instead remove it via Cydia. However, the simpler and safer path is to un-jailbreak by restoring (see step 5).
4. Update iOS to the Latest Version:
   Connect to Wi-Fi, then go to Settings > General > Software Update and install any available iOS update. Updating the OS will often disable a jailbreak (since the exploit is removed by Apple’s patches) and thereby stop any unauthorized apps from running. It also may revoke any enterprise certificates that a spyware app was using to remain installed. Essentially, an update brings the iPhone back under Apple’s latest security, which can automatically neutralize some spyware. If your phone is already on the latest version but is jailbroken, consider re-installing iOS via iTunes to remove the jailbreak.
5. Restore from a Clean Backup (Optional):
   If you have a backup from before the spyware was installed (and you are sure it’s clean), you can restore the iPhone to that backup. Use a computer with iTunes/Finder or iCloud backup restore. This will erase the device and bring back the state from the earlier time. Be cautious: do not restore from a backup made while the device was compromised, as it might re-introduce the malicious profile or app. When in doubt, skip to step 6.
6. Factory Reset the iPhone:
7. The most thorough solution is to erase all content and settings. In Settings > General > Transfer or Reset iPhone > Erase All Content and Settings. This will wipe the device to factory state. Set it up as new (or after erasure, you can choose to restore from a known-clean backup as mentioned). This guarantees removal of any spyware, jailbreak, or configuration that was present. It’s a drastic step, but if your personal safety is on the line, a fresh start with the device is worthwhile. After reset, go through the earlier detection steps to confirm everything is normal (there should be no odd profiles or apps on a freshly reset iPhone).
8. Secure Your Device and Accounts:
   After cleanup, do the following to prevent reinfection:
9. Monitoring and Scanning:
   Keep an eye on the device behavior in the weeks after. If possible, run a scan with a tool like Certo iPhone or a similar utility by connecting your iPhone to a computer. These can verify that no jailbreak or spyware files remain. Also, Apple’s built-in Safety Check (in Settings > Privacy & Security > Safety Check) can help review which people and apps have access to your information and revoke any that look wrong (use the “Emergency Reset” if needed to instantly cut all sharing).

Removing iPhone spyware is largely about regaining control of your accounts and device settings, since the spyware itself often doesn’t persist once those are secured. After taking these steps, your iPhone should be free of any unauthorized monitoring. Always stay cautious if the person who installed the spyware had physical access before – keep your device with you and consider using a device management detection tool periodically.

Best Practices to Prevent Spyware Re-infection

• Keep Your Phone Physically Secure:
  Most spyware requires physical access for a few minutes to install. Use strong passwords and don’t leave your device unattended around people you don’t fully trust. Enable auto-lock and do not share your phone’s PIN/password. Consider that fingerprints or face recognition could be used by someone close to you (while you’re asleep, for example), so in high-risk situations a hard PIN might be safer.
• Stick to Official App Stores and Verify Apps:
  Avoid downloading apps from outside the Google Play Store or Apple App Store whenever possible. Both Google and Apple have banned many known stalkerware apps. If you must install an APK (Android) or a configuration profile (iOS), be 100% sure of its source. Never install a random app sent to you or advertised to “track your phone” unless you initiated it and trust the vendor.
• Maintain Updated Software:
  Keep your Android OS, iOS, and all apps updated to the latest versions. Updates frequently patch security holes that spyware might exploit. An up-to-date system is harder for spyware to penetrate without user consent.
• Regularly Audit Device Permissions and Accounts:
  Make it a habit to review which apps have what permissions on your phone. On Android, check the “Permissions Manager” and on iPhone, the Privacy settings, as described in the detection sections. Also review your online accounts (Google, Apple, etc.) for any devices or third-party app access that you don’t recognize. Change your passwords periodically, especially if you suspect they’ve been compromised.
• Use Security Software:
  Consider installing a reputable mobile security app that has anti-spyware capabilities. Many antivirus apps now specifically flag stalkerware apps with warnings. Apps like Malwarebytes, Avast, Kaspersky, or dedicated ones like Incognito or Certo can run scans and provide an additional layer of defense. On iPhone, options are more limited, but using Apple’s built-in security (like enabling automatic updates and using the new Lockdown Mode if you fear high-end spyware) can help.
• Awareness of Social Engineering:
  Be cautious of phishing – some spyware has been known to be distributed via links or attachments. Don’t click suspicious links sent to you, and don’t install configuration files or certificates emailed to you. An attacker might trick you into installing an “update” or “security app” which is actually spyware.
• Support for Victims:
  If you find spyware, remember you’re likely a victim of a crime. Resources like the Coalition Against Stalkerware provide guidance and support. While this report is not legal advice, know that in most jurisdictions it’s illegal to install such software on someone’s device without permission. You can reach out to law enforcement with the evidence (e.g., screenshots, the actual spyware APK, etc.). But your immediate safety comes first – use the technical steps above to secure your device, and then consider further actions with professional advice if needed.

Final Thoughts

Covert spy apps pose a serious threat to privacy on both Android and iPhone. By knowing the common spyware names and capabilities, you can be vigilant. Regularly checking your device for signs of compromise – and swiftly removing any spyware detected – will help you regain control of your phone. Stay informed and cautious, as the spyware landscape in 2025 continues to evolve with new tools, but also new detection techniques to combat them.