Phone Spy Software Detection

Asking the question “is my phone hacked?” isn’t so crazy anymore. The market for covert mobile phone monitoring applications is rapidly growing and recent advancements in spy software capabilities are astonishing. Spy software can be easily installed on your cell phone and it is meant to be undetectable. Even digital forensic investigators have difficulty detecting the presence of surveillance software and other malicious programs. Mobile spy software can transmit your call history, text messages, emails, chat conversations, pictures and GPS location to the person monitoring your phone or tablet. In many cases they can, without your knowledge, intercept your in-progress phone calls or even activate the device microphone to eavesdrop on you while your phone is sitting on your desk or in your pocket.

Not only are most cell phone spy apps quick and easy to install, they are designed to be covert and undetectable by the victim. The vendors program the applications so that they run as hidden or background processes and, if you were able to see the program name or installation folder, it would appear as something benign such as “gps_service”.


Binary Intelligence has developed a comprehensive approach to the detection and identification of mobile spy programs which is based on ongoing research efforts. Our investigators actively install commercially available spy programs on test devices and then perform a low-level forensic autopsy to determine exactly how each surveillance application installs and what artifacts it leaves behind. This allows us to formulate reliable detection strategies based on indicators of compromise (IOC) derived from our research. Our process is so thorough that we are often able to identify evidence of previous spyware installations long after the program has been uninstalled or the target device was reset.


Binary Intelligence does not rely solely on commercial file-level signature scanning programs — which only detect limited/older threats. We employ a thorough 5-step analysis process in which we focus on the following areas:

[list type=”arrow2″]

  • Privilege escalation
  • Malware signature scan
  • Targeted keyword/string search of active files and unallocated space
  • Application database review
  • File-system/executable program review



A report is issued upon completion of the forensic examination which details the results of each step. When spyware installations are detected, we can then undertake additional analysis in order to attempt identification of the responsible parties or isolate the unique installation “key” for potential legal followup.

Spyware Analysis Submission Form

Complete this form to receive information about spyware analysis and device submission instructions.

Your Contact Information

Enter your name and a safe email address that we can use to contact you.

Device Information

Please enter as much information about your device as possible. The model number and FCC ID can usually be found on a sticker inside the battery compartment or printed directly on the back of the device.

Samsung, Apple, Motorola, etc.

Galaxy S4, iPhone 5S, Droid RAZR, etc.

SCH-i545, A1533, XT912, etc.

A3LSCHI545, BCG-E2642A, IHDP56ME1, etc.

Verizon, AT&T, Sprint, etc.

Description of Situation

Briefly tell us about your situation and why you suspect that spyware has been installed on your device.

Please wait...