Android Stalkerware

Aperçu de la menace

Stalkerware hides on mobile devices to monitor victims—often installed by someone with physical access. It captures GPS, SMS, photos, and messaging app content.

Comportement d’attaque

• Background GPS tracking
• Screen capture and keylogging
• Hidden launcher icons

Méthodes d’infection

• Physical device access
• Social engineering to install "security" apps
• Abuse of enterprise MDM in coercive contexts

Symptômes et indicateurs

• Battery drain
• Device warmth when idle
• Unknown admin or accessibility permissions

Atténuation immédiate

• Check device admin and accessibility settings
• Contact support organizations if in abusive situation
• Factory reset from trusted network if needed

Guide de suppression

• Remove device admin privileges
• Uninstall suspicious apps in safe mode
• Change all account passwords

Méthodes de prévention

• Use screen lock and biometrics
• Review installed apps regularly
• Privacy protection permission audits

Indicateurs télémétriques

• Accessibility service abuse
• Background location always-on
• Hidden app components