How to Check If Your Android
Phone Has Been Hacked
Fast battery drain, strange pop-ups, or a phone that feels "off" — these can be harmless glitches, or signs of spyware or stalkerware. Here's how to tell the difference and what to do about it.
Last updated: July 2026 · 7 min read
Warning Signs Your Phone May Be Compromised
Battery drains much faster than usual
Spyware runs in the background constantly — recording location, calls, or messages — which noticeably shortens battery life even when you're not actively using the phone.
Phone stays warm when idle
If the device heats up while sitting unused and locked, a background process may be continuously active.
Unusually high data usage
Stalkerware and spyware upload recorded data to a remote server. Check Settings → Network & Internet → Data usage for apps you don't recognize consuming data.
Unfamiliar apps or permissions
Apps you didn't install, or familiar apps with permissions you didn't grant (accessibility, device admin, notification access) are red flags.
Random reboots or slow performance
Malicious apps that run at a low level can cause instability, unexpected restarts, or persistent lag.
Someone seems to know things they shouldn't
If a partner, ex, or family member repeatedly knows your location, messages, or calls without you sharing them, stalkerware may be installed.
How to Check, Step by Step
Review installed apps
Go to Settings → Apps → See all apps. Look for anything you don't recognize, especially apps with generic names like "System Update" or "Device Health" that aren't from Google or your phone maker.
Check app permissions
Settings → Privacy → Permission manager. Review which apps have access to location, camera, microphone, SMS, and call logs — revoke anything unnecessary or unfamiliar.
Check for device administrator apps
Settings → Security → More security settings → Device admin apps. Stalkerware often needs device admin access to hide itself and resist uninstallation.
Check accessibility service access
Settings → Accessibility → Installed apps. Accessibility permissions let apps read screen content and simulate taps — a common stalkerware technique.
Run Google Play Protect
Open Play Store → profile icon → Play Protect → Scan. This checks all installed apps against Google's malware database.
Check Google Account security activity
Visit myaccount.google.com/security on another device and review recent sign-ins and connected devices for anything unfamiliar.
If You Find Something Suspicious
Uninstall the suspicious app immediately from Settings → Apps, not just by removing its icon
If it has device admin access, deactivate that first (Settings → Security → Device admin apps → Deactivate), then uninstall
Change your Google account password and enable two-factor authentication right after removal
Change passwords for banking, email, and social media apps from a different, trusted device
If safety is a concern (a partner or ex may be monitoring you), consider a factory reset as the most reliable removal method
If you suspect stalkerware placed by someone you know, plan the removal carefully — a sudden loss of access can alert them; contact a local support organization if you feel unsafe
Preventing It From Happening Again
Once your phone is clean, a few habits keep it that way:
Never leave your phone unlocked and unattended
Most spyware and stalkerware is installed by someone with brief physical access to an unlocked phone — a few minutes is enough.
Only install apps from the Play Store
Avoid sideloading APKs from links or unknown websites, which is the most common way malware gets onto Android phones in India.
Use a family safety app transparently, not covertly
If you're tracking a family member's location for safety, use a visible, consent-based tool like Raksha rather than hidden monitoring apps — both parties should know what's installed.