7 Signs Your Android Phone Has Been Hacked—and What To Do if Your Android is Hacked

Our smartphones are the center of our online lives. From everyday social media conversations to official emails and banking, we depend on our phones more than anything. It’s no wonder then that smartphones are just as high a target for hackers as computers.

Despite the utmost efforts of both Google and Apple, mobile malware remains a threat as malicious apps keep landing in the official app stores. They have become sneakier and – no wonder – more harmful.

According to McAfee’s report, more than half of these malware apps hide in the background tasks. They are hard to trace because they come without any icon. Still, they continue to work behind the scene, steal user information, serve unwanted ads, force bogus user activity, or steal user information that can be used for ransom or sold for quick cash. In another report published by MalwareBytes, Android devices are found to be more prone to hack attacks. They reported an exponential rise in aggressive adware and malware attacks on Android devices over the years.

Spyware is also a type of malware. Hackers use spyware to monitor a device’s content. It uses programs that can harness a device’s internet bandwidth, use it in a botnet for DDoS, send spam emails/messages, or even phishing attacks that mirror a legitimate website and trick users into entering their user credentials. Once a victim enters these details, a hacker then gets access to a copy of the credentials.

Users often download this malware from third-party resources, non-official malicious websites or fall prey to it via emails/messages. And then, there are commercial spy apps that need physical access to the victim’s phone. These apps are used by people often well known to a victim to monitor their activity for one reason or another.

So, if you ever land yourself in a situation where you are unsure whether you have been hacked or not, this is what you can do to safeguard yourself.

7 Signs Your Android Phone May Have Been Hacked

1. Noticeable decrease in battery life

Are you noticing a sudden decrease in your phone’s battery life? Sure, the battery life of any electronic device decreases over time. However, a compromised smartphone displays a significant reduction in the battery time span. This is because the spy application or malware starts eating up the phone’s resources as it scans and transmits your data over the internet. This additional battery usage makes your phone consume more power in a comparatively less period of time. So noticeable decrease in battery life is a more prominent indication of a hacked phone.

2. Sluggish performance

Is your phone constantly freezing? Are you noticing certain apps are crashing more often than they used to in the past? Is your phone slow even after a deep clean? If that’s the case, your phone may have been compromised. Malware often overloads a phone’s resources as they clash with other apps. Another sign is that some apps may continue running even after you close them. Your phone may also crash all of a sudden or restart without you hitting the power button.

3. High data usage

Unusually high internet bill is another sure-fire sign of a compromised device. Even though they work in the background, malware constantly needs to communicate with their server to send your information back or upload your data.

4. Outgoing calls or texts you didn’t send

In case you see unknown calls or text messages in your phone logs, brace your defenses. These could be premium-rate numbers a malware is forcing your phone to dial. Often, the proceeds of these numbers are collected in the criminal’s wallet. Therefore, check your bills for any unrecognizable costs.

5. Mystery pop-ups

Not all pop-ups are dangerous. Only the ones you don’t recognize or those that become too frequent raise the alarm. Some malware known as adware forces mobile phones to repeatedly view some pages. This way, the creators of this adware generate revenue with the help of clicks. Still, others use different phishing links in their pop-ups to get users to provide their login credentials for a particular website.

6. Unusual activity on any accounts linked to the device

If a hacker gets access to your smartphone, the first thing they will do is try to access your linked accounts. These can be your social media accounts, email clients, lifestyle, or any productivity apps that you may have downloaded for one reason or another.

So, if you notice any unusual activity like a password reset, new emails being sent or mails being read that you don’t remember even opening, receiving emails relevant to a sign up for a service you don’t recognize, etc. All of this comes in the category of unusual activity.

This could be a criminal trying to open new account/credit in your name using your private information before they attempt a clean security sweep on your device.

What To Do If Your Android Phone Is Hacked

The first rule to follow when your phone gets compromised is DON’T PANIC. Panic always leads to bad decisions. Calm yourself down and download any mobile security app on your phone. There are apps like McAfee, or Bitdefender for their exceptional security features, as noticed by independent security analysts for Android phones. iPhones and iOS-based devices, on the other hand, are less prone to hacking. But that doesn’t mean they are immune. Lookout Personal is a great app to notice any maliciously acting, potentially dangerous apps. You can download it for free and then use it for a monthly fee of 2.99.

Who Would Hack Your Phone?

The answer to this question is anyone with an ax to grind or someone with no ax at all. Let me explain. By now, governments spying on us has become common knowledge. So much so that we have become altogether desensitized to the notion. Other than that, anyone can hack your phone for whatever reason. It can be your employer, spouse, friend, or any stranger sitting in their mom’s basement. In most cases, it has been observed that unless you are a high-profile target with lots of valuable information, your hacker will most likely be someone close to you.

12 Ways Your Android Phone Can Be Hacked

From highly targeted and grudge-based attacks to opportunistic and unsuspecting data grabs, let’s take a look at some of the ways a hacker can spy on your cellular device. This list is in no way exhaustive. Do let us know in the comments if we missed a notorious method.

1. Spy apps

We are starting with the most common one: spy apps. There is no dearth of cellphone monitoring apps designed specifically to track someone’s activity and listen to their communications. In fact, many of them are marketed as legitimate tools for safety and security. Suspecting partners, concerned parents, and pranking friends are their main target audience who try to keep tabs on their loved ones for one reason or another.

These spy apps can be used to remotely read texts and emails, access internet history and photos, track GPS and phone calls, etc. Some of them can even be utilized to hack the phone’s microphone in order to record personal conversations. Imagine that! Basically, these apps let their users do whatever a hacker can do with a compromised mobile phone.

And what’s worse, these apps are so easy to set up that anyone with no practical knowledge of spyware can easily use (and abuse) them.

Likelihood

Spy apps are readily available on all major app stores. Therefore, anyone with access to your mobile phone can easily download one without your notice.

How to protect yourself

• Installing spyware requires physical access to your mobile phone. Restricting your phone with the help of a password, fingerprints, or unlock pattern immensely reduces the risks. This way, no one can even access your phone without your permission. Also, remember spy apps are generally installed by someone close to a victim. Therefore, pick a hard-to-guess password.

• Just go through all of your apps one by one and delete the ones you don’t use or don’t recognize installing in the first place.

• We can’t emphasize this point enough, DON’T jailbreak your iPhone. If your iPhone isn’t jailbroken, it will show all the apps. Otherwise, spy apps can hide behind the scenes. Tracking such apps also becomes very difficult for security software. This is because security systems usually scan for known malware. If your phone has one of the latest malware, a security scan will have trouble isolating it.

• Another benefit of not jailbreaking your iPhone is that such phones restrict anyone from download spyware. These apps are not easily available on the official app stores.

• We recommend downloading a mobile security app for your safety. If you are on Android, get Bitdefender, McAfee, or any other similar app. In case you are on an iOS device, Lookout is a great option.

2. Phishing messages

The second most common way to hack your phone is via phishing messages. Whether it’s someone claiming you have won a lottery, a coronavirus contact tracer, or a family member exhorting you to check out this picture of you from the last night, SMS messages containing suspicious links often make the rounds. And because not checking emails is considered unprofessional, phishing emails are just as common.

Some periods such as Christmas, Tax season, and other family holidays tend to cause a spike in phishing messages. This year’s Corona Virus related federal government’s stimulus has also resulted in a huge spike in phishing emails claiming to be from the IRS. These attacks are more common in Android phones because a jailbroken iPhone won’t let anyone download apps from anywhere else.

A good giveaway of such attacks is that when you click on its link, the opened link will prompt you to enter your login information. It can be your bank login, email login, or social media login. Now, even if the user interface looks similar to either your bank or social media, double-check the URL. You will see that the URL will point to some other address – usually a hacker’s address.

Likelihood

Highly Likely. Experts suggest, even though people have become wary of opening links from unknown sources on their email, they tend to be less skeptical on their mobile phones.

How to protect yourself

• Remember, what’s the usual way to verify your identity with different accounts? For instance, your bank will never prompt you to enter your full passcode or PIN.
• Stay up to date with the way your official Tax agency communicates with people. Secondly, always verify your communication with the Tax collection department.

• If you cannot see the entire URL of a link sent to your by a friend or family, don’t open it. In case a link is coming from a stranger, just ignore it.

• However, if you click on the link and try downloading an App/Software, your phone will notify you about it. Don’t ignore this warning. In case the app gets installed by mistake, simply delete the app as soon as possible and run a deep security scan.

3. Unauthorized access to Google or iCloud account

Compromised Google or iCloud accounts provide access to abundant information backed up from your mobile phone. This information contains pictures, messages, call logs, location logs, and in the case of the iCloud keychain, passwords to browsers, banking apps, and email accounts. Some spyware sellers in the market explicitly market their products against such vulnerabilities.

Sure, criminals may not find much value in everyday pictures of regular folk. However, their owners do, which can lead to their content being held digital hostage unless they pay a ransom. Spy apps often used to hold someone’s content hostage are called ransomware.

What’s more, a hacked Google account means all the secondary linked accounts are a toast. It can lead to a domino effect. From your linked social media accounts to email accounts and mobile carrier account, a hacked primary email paves the way for a serious breach of security, leading to identity theft.

Likelihood

Highly Likely. Unauthorized access to a Google or iCloud account is a big security risk. All an attacker needs is a single email address. They don’t need access to your phone or your phone number. Instead, they can use your name from your primary email address to sign up for Google/iCloud account. So, if you use a weak passcode/password reset method comprising of personally identifiable info, it’s not difficult for an attacker to glean that information from your social media.

How to protect yourself

• Always use a strong password, comprising letters, numerals, and special characters.
• Enable login notifications for all of your accounts so that you are aware of every sign-in.
• Enable two-factor authentication. This way, even if someone has your password, they won’t be able to log into your account.
• To prevent anyone from resetting your password, set up password security questions. However, make sure this information isn’t personally identifiable. Otherwise, they will be able to glean this information from your social media and reset your password anyway. It’s amazing how much information people use in their security questions such as “Mother’s maiden name “ and “City of birth” is widely known by close friends and family.

4. Bluetooth hacking

All types of wireless communication are prone to cyber sniffing. Many Android OS vulnerabilities often come to light that allows hackers to connect over Bluetooth secretly and then scrape data on the device. While these vulnerabilities often get patched in the latest updates, attackers may still be able to hack your wireless communication through other methods. For example, tricking you into pairing with their devices by giving it a universal name in public places. Once you connect your phone, your personal information becomes at risk.

Likelihood

The chances of Bluetooth hacking are rather low. Unless someone is specifically targeting you or you travel very often and keep your Bluetooth on. Even then, Bluetooth hacking is less common than hacking techniques mentioned previously.

How to protect yourself

• Keep your Bluetooth off at all times. Only turn it on when you are actually going to use it. After using, turn it off again.
• Be wary of opening Bluetooth in public places.
• When pairing a device in public, avoid accepting unknown pairing requests.
• Download security patches on your phone as soon as they become available.

5. SIM swapping

Do you know online criminals can call your cellular network providers and pose as you who has been locked of their account? Then, by providing your personal information that they have already stolen, they can get the phone number assigned to their own device. Therefore they can ultimately take over your entire online persona. This type of attack is called SIM swapping.

Hackers can use login names to request a password change and then intercept the multi-factor authentication message sent to a stolen mobile phone number. Their purpose can be anything from holding a person’s digital accounts for ransom or, in case of high profile targets, sell information on underground market places. Cryptocurrency accounts are also prime targets in SIM swapping attacks.

Some carriers authenticate their users by asking for details of the last three dialed numbers as a security measure. However, hackers can easily bypass even this security barrier by sending a text to users asking them to dial a certain number which then plays a voicemail asking them to dial a second and third number.

Likelihood

Currently, SIM swapping attacks are gaining momentum in Latin America and Africa. They have also been cases reported from other parts of the world. Still, for now, mobile carriers in other parts of the world seem to be doing a good job protecting against SIM swapping attacks.

How to protect yourself

• Never use a guessable PIN for your mobile carrier. Anyone can get your birthday from your social media!
• You can use any authentication app such as Google Authenticator instead of 2-factor SMS security.
• Use a strong password along with multi-factor authentication for ALL of your accounts. It will minimize the risks of an attack that can disclose your personal information needed to swap your SIM.

6. Hacked phone camera

As zoom and video call meetups are becoming more popular for work and family connections in a post COVID world, the need to protect your camera from a hacker is becoming apparent. Recently, Android 10 fixed a glitch in their camera app that would have allowed hackers to record a victim’s video steal their gallery pictures and geolocation data. Likewise, there are malicious apps that can hijack your camera app.

Likelihood

Less likely. One such glitch in Android has already been fixed.

How to protect yourself

Download security fixes as soon as they become available

Keep all of your apps up to date.

7. Apps that over-request permissions

Some apps may over-request permissions for the sole purpose of harvesting your data. Others – particularly the ones downloaded from third-party sources – may get even more malicious by requesting access to your location data, camera, audio jack, and more.

According to research by Kaspersky in 2020, many of these malicious apps benefit from Accessibility Service. It’s a mode designed to help the physically impaired use smartphones easily. When an app gets permission to this mode, it opens a horizon of limitless possibilities for interacting with the operating system’s interface.

Free VPN apps and third-party cache cleaners (claiming to boost your mobile’s speed) are two of the most likely culprits of over-requesting permissions. In fact, it was found in research that two-thirds of the top 200 most downloaded free VPNs for Android request sensitive user information like location.

Likelihood

Such apps are very common. Many users download such software on their own.

How to protect yourself

1. Always read app permissions.
2. If an app requests more access than they need, avoid it.
3. Check an app’s reviews online before downloading them on your phone.
4. Use antivirus apps that scan an app before installing it on your mobile.

8. Snooping via open wifi networks

Next time you are in a public place and stumble upon a free wifi network, it’s best to avoid it altogether. Hackers can snoop in on unencrypted traffic, known as MITM (man in the middle) attacks. Some nefarious public wifi hotspots can even redirect you to phishing sites using lookalike banking sites. This way, they can capture your login credentials. What’s worse, criminals can easily set up an open wifi network named after the café you are sitting in to catch your login details for theft or sale on the dark web.

Likelihood

Any person with a basic understating of how apps work can download the requisite software, intercept your traffic and analyze it to glean necessary information.

How to protect yourself

• Never use free public hotspots.
• In case of an emergency, always use wifi networks that are protected with a password. Such networks usually have some form of encryption (WPA, WPA2, or WPA3) to protect your traffic.
• Since VPNs encrypt your traffic, you can also download a secure VPN app on your phone to protect yourself. IPVanish is a great option. It provides multi-device protection across multiple platforms (including Android and iOS). Plus, it comes with a 30 days money-back guarantee to protect your investment.
• In case you have to connect to a public wifi network and don’t have a VPN, don’t enter any of your login credentials.
• Always ensure the URL you see in the address bar is a legitimate one.

9. Apps with weak encryption

Apps with weak encryption protocols can leave your device vulnerable to attacks. According to security experts, applications that use a weak encryption algorithm are at a greater risk of leaking your information than those with strong encryption in place.

Additionally, apps with improperly implemented strong encryption protocols create backdoors. Hackers can utilize these backdoors to access personal information on your smartphone.

Likelihood

Less likely

How to protect yourself

• Always check an app’s review online before you download and install it on your phone. And we are not just talking about play store reviews. App stores are often subject to fake and spam reviews. Therefore, the best practice is to look at third-party user review websites such as TrustPilot.
• If possible, always download apps from well-known and reputable publishers.
• While the onus for deploying proper encryption protocols rests on developers, you are responsible for what you download.

10. SS7 global phone network vulnerability

Various SS7 vulnerabilities let attackers spy on your phone even if they just have your phone number. SS7 or Signaling System Number 7 is an international telecommunication standard for phone networks to exchange user information with each other for correct billing and passing on the calls/text messages.

They can spy on your texts, get notified about your phone calls as well as locations you are visiting. These SS7 vulnerabilities have been known for years. Attackers have been using the flaws of the system to intercept 2FA codes from banks, service centers, and other apps. They can also use SS7 flaws to hack your online accounts, from social media to emails, causing severe financial loss.

If you are wondering why there has been very little improvement in patching these SS& vulnerabilities, then the answer is simple. Even law enforcement agencies use these flaws to intercept cell phone data. Therefore, governments around the world don’t see much incentive to secure the network.

Likelihood

Growing. As SS7 vulnerabilities are easy to exploit, we expect these attacks will only grow in the future. After all, stealing 2FA codes from the carrier and then accessing a target’s online presence is much easier than tapping mobile phones. It’s also much more profitable to sell this information in underground marketplaces.

How to protect yourself

• Instead of using an SMS, go with an email or an authentication app for your two-factor authentication.
• You can also use an end-to-end encrypted messaging service (such as Whatsapp, Signal, Telegram) that communicates over the internet to bypass the SS7.
• Be careful about your phone conversations, whether you are in a potentially targeted group or not.

11. Malicious charging stations

Sure COVID has put a halt on travel and tours. However, people still use public USB power charging stations. A hijacked public USB power charging station benefits from the fact that the USB C cables transfer data while charging the battery. Older Android phones go a step further by mounting the hard drive once connected to a computer. This exposes all of the data to a dodgy owner. Some security analysts have also proved that it’s even possible to hijack video-out features of the phone when connected to a malicious charging hub. So a hacker can monitor your every keystroke down to a tee.

Likelihood

Low because of COVID.

How to protect yourself

• Never plug your phone into unknown devices. You can bring a wall charger if you travel often. Besides, there are various charge-only cables available in the market that doesn’t allow data transfer. These cables simply cut the data connection from their connector, effectively blocking any data communication.

• In case a public computer is your only available option to charge your phone, opt for the “Charge Only” option. Whenever you connect your Android phone to a computer, you see this pop-up. If you are on your iPhone, you will see the message on the computer asking for permission. Simply deny the request.

12. Fake Cellular Towers, like the FBI’s Stingray

Security agencies around the world use cellular reconnaissance devices that mimic standard cellular towers. FBI’s stingrays have garnered quite a widespread notoriety in this regard. These fake towers force all the nearby cellular devices to drop connection with their existing cellular network and connect to them instead. This allows the operators of these devices to monitor phone calls and text messages made via these phones, identify the location based on their movements and gain access to dialed phone numbers.

Stingrays have a radius of approximately 1 Km. Therefore an attempt to monitor a particular suspect’s phone in a public place will lead to hundreds of phones being recorded by the agencies. Although some countries outlaw the use of eavesdropping technologies, it’s pretty common in second and third-world countries. According to the American Civil Liberties Union, there are over 75 federal investigation agencies who use their own versions of Stingrays even in the US.

What’s challenging about this whole scenario is the fact that hackers can do the same. While the police may have legal power, hackers don’t need it. Modern technology has become so cheap and easy to understand that anyone with an internet connection and an intent to interfere can do so without much effort.

Likelihood

High. Sure an average citizen isn’t usually a target of StingRays. We don’t know what they do with the extraneous data extracted from non-targets.

How to protect yourself

Use end-to-end encrypted messaging and voice apps such as Signal or Telegram, particularly when you are in a situation that could be of interest to the government. These apps use very secure encryption protocols, preventing anyone from interfering with your calls or messages.

Final Thoughts

While technology has made things easier, it has also put us under immense risks. People often ask, can someone hack my phone? The answer is quite apparent. From security insiders to less tech-savvy everyday folk, everyone is moving away from the traditional ways of cellular communication. With this information and guidelines in mind, we hope you too can move towards safer mobile internet usage. Thank you for reading!