PDF download Download Article PDF download Download Article

It can feel stressful and daunting when someone gets control of your phone. If you suspect that someone hacked your Android device, don't worry—removing the hacker and their point of entry isn't as hard as you'd think, and wikiHow is here to walk you through the steps. We'll show you common signs that you've been hacked or have malware, walk you through fixing your hacked device, and help you improve your Android's security to avoid future hacks.

Quick Steps

  1. Reset your device.
  2. Restart your phone in safe mode.
  3. Take away administrator access and apps.
  4. Remove any apps that seem unfamiliar.
  5. Disable app installs from unknown sources.
  6. Change your Google account password.
  7. Install antimalware software and monitor your phone.
Section 1 of 3:

Signs Your Android is Hacked

PDF download Download Article
  1. If your device is running slowly and a reboot doesn't seem to help, a hacker may have installed malware on your phone. You may also notice a lot of pop-ups, including ads and demands for payment, as well as poor battery performance. [1]
  2. If you find strange apps in your app list or on your home screen, they may have been installed by someone who has access to your phone. But because apps installed by hackers might be more hidden than your other apps, the best place to look is in the Apps section of the Settings app .
    Advertisement
  3. If a hacker has access to your phone, they may be using it to send messages to other people, including your contacts. Check for messages you didn't send in your text conversations, as well as in the Sent folder of your email app. [2]
    • It's also possible that someone is spoofing your phone number or email address, which would mean they don't actually have access to your phone.
  4. If you're suddenly using a lot more of your data plan than usual, malware on your phone may be using the internet without you realizing it. To check your data usage, open your Settings and tap Data Usage . Be especially wary if the bulk of your data usage is coming from an app you don't recognize. [3]
    • Of course, this only applies if you haven't recently changed your internet habits. If you're suddenly watching more videos or downloading more media through messaging apps, the increase in data usage is probably justified.
  5. Advertisement
Section 2 of 3:

Remove the Hacker

PDF download Download Article
  1. As long as you back up or sync your device's data to your Google account, one of the ways to get rid of a hacker is to perform a factory reset of your phone. [4]
    • Keep in mind that resetting your device will delete all of its data. However, as long as your photos, videos, contacts, and personal data are synced to your Google account, it'll resync back to your device once you sign back in.
    • After resetting your phone, change your Google account password if the hacker has access to your account. You can do so in the Settings app—just go to Google > Manage your Google Account > Security > "'Signing in to Google"' > Password to do so from your device. [5]
  2. If you want to try removing hackers and malware without erasing your device and starting over, start by entering safe mode:
    • Press and hold the power button on your device.
    • When the power options appear, tap and hold Power Off .
    • When prompted, tap Reboot to safe mode . [6]
    • If this doesn't work, try powering off your device. Then, press and hold the power button until your device turns back on, hold down the Volume Down key until you see "Safe mode" on the screen. [7]
    • These steps might only work with Samsung devices. Check your manufacturer's site for steps on how to boot into Safe mode on your device.
  3. Hackers will often install apps with administrator privileges on target Androids, including crypto miners, keyloggers, and spyware tools. Before you start removing apps, you'll want to check for and deactivate device administrator apps:
    • Open Settings .
    • If your Settings menu has a search tool, search for admin and tap either Device admin apps or Device Administrators . [8]
    • If that doesn't work, go to Security > Advanced > Device admin apps or Lock screen & security > Other security settings > Device administrators .
    • If you see any apps you don't recognize, toggle off its switch to deactivate its administrative rights, or select the app and tap Deactivate .
    • Some admin apps are installed by the manufacturer (or your workplace) and are necessary to remain active to run properly, so only deactivate the ones that you know aren't required.
  4. Whether you've found any odd apps with administrator rights or not, you'll want to go through all of your apps and delete the ones you didn't install. If you see some apps that came preinstalled on your phone, you might not be able to remove those, but others are easy to uninstall from your app list or in the Settings app under Apps .
    EXPERT TIP

    Brandon Phipps

    Technology Specialist
    Brandon Phipps is a Technology Specialist based in Bakersfield, CA. He is the owner of Second Star Technologies and specializes in Managed IT Services for small and mid-sized businesses in Bakersfield, CA. With over 23 years of experience, he offers expert cloud computing, cybersecurity, and network management solutions. Brandon is a committed community member and coach who leads and innovates in tech and sports coaching. His dedication to local businesses and communities is evident in his hands-on, tailored approach to IT solutions.
    Brandon Phipps
    Technology Specialist

    Detect spyware by reviewing your system settings regularly. Keep an eye out for unfamiliar apps running, your phone turning off randomly, or strange icons popping up. Be aware that certain spyware may be well-hidden and difficult to detect through a basic system review.

  5. If you use an alternative app store or download apps from the web rather than the Play Store, you won't have the bonus of Google's safety moderation and Play Protect features. Disabling installs from unknown sources ensures that you can only install apps from the Play Store.
    • Open the Settings app.
    • Tap Apps or Apps & notifications .
    • If you're using a Samsung Galaxy, tap the three dots at the top-right, choose Special access > Install unknown apps .
    • On other devices, go to Advanced > Special app access > Install unknown apps .
    • Select each app in the list and toggle its "Allow from this source" switch to Off.
  6. In case anything shady is hiding in your app cache, it's a good idea to delete all cached data. [9] Here's how:
    • Open the Settings app.
    • If you have a Samsung Galaxy, go to Apps , select an app, choose Storage , and then tap Clear cache . Repeat for all apps in the list. [10]
    • On other devices, tap Storage , choose Other Apps , select an app, and then tap Clear cache . Repeat for all other apps.
  7. If someone had access to your device, it may be because your Google account is compromised . Before you reboot your phone to exit safe mode, make sure you're starting fresh with a brand new Google password. [11]
    • Don't reuse the same password you use for any other account—your new password should be completely unique.
    • Remove any third-party apps which have access to your account that you don't recognize, and check your devices and sessions to see if there's suspicious activity you don't recognize. This will ensure no suspicious devices or apps have access to your account.
  8. Now that you've made these changes, you can reboot your device into normal operating mode.
  9. There are many antimalware/antivirus options for your Android that don't cost anything at all. Most of the best options have paid upgrade options that allow the software to always run in the background, which can help you avoid getting hacked in the future. But for now, we'll just want to install some software so we can run a malware scan. Some excellent free options are Mobile Security, Sophos Intercept X , AVG Antivirus & Security , and Avast Antivirus & Security . All of these options are available for free in the Play Store.
    • Once you download the app, open it, and then follow the on-screen instructions to scan for viruses and malware.
    • If the scanning tool identifies a threat, you'll be prompted to remove it.
    EXPERT TIP

    Brandon Phipps

    Technology Specialist
    Brandon Phipps is a Technology Specialist based in Bakersfield, CA. He is the owner of Second Star Technologies and specializes in Managed IT Services for small and mid-sized businesses in Bakersfield, CA. With over 23 years of experience, he offers expert cloud computing, cybersecurity, and network management solutions. Brandon is a committed community member and coach who leads and innovates in tech and sports coaching. His dedication to local businesses and communities is evident in his hands-on, tailored approach to IT solutions.
    Brandon Phipps
    Technology Specialist

    Malwarebytes is a top choice for scanning your Samsung and Android phones for spyware. It monitors your system to see what apps and services are running in the background and detects anything malicious.

  10. If you've tried to remove a hacker or malware from your device, but are still noticing poor performance and signs of intrusion, your best bet would be to reset your device to its original settings. Once you reset your device, you can sign in with your Google account password and start with a clean slate. [12]
  11. Advertisement
Section 3 of 3:

Prevent Future Hacks

PDF download Download Article
  1. Installing the latest versions of the Android operating system and Play Store app updates ensures that your device has the latest security patches. [13]
  2. When you access the internet through a VPN, all of your internet activity is encrypted, making it difficult for potential hackers to monitor your activity. It's especially important to use a VPN when connecting to public hotspots, such as at a café or on campus. Choose a reputable VPN service rather than a free option.
  3. While rooting your device gives you more customization options, it also enables access to malicious apps that can take advantage of your administrator privileges. Androids are highly customizable as-is—if security is a concern, don't install custom ROMs.
  4. The apps you install from alternative app stores aren't necessarily inspected for malware. When you stick to apps in the Play Store instead of installing alternative app stores, you have the added protection of Google's quality assurance and safety oversight.
  5. This feature of the Play Store runs safety checks on apps before you download them, which can protect you from malware and other harmful apps. [14] The feature is turned on by default, but may have been disabled. Here's how to check:
    • Open the Play Store app and tap your profile icon.
    • Tap Play Protect .
    • Tap Settings .
    • Turn on "Scan apps with Play Protect."
  6. Don't let your device out of your site—a hacker might look at an unguarded device as an easy hacking opportunity.
    • Your PIN or password should be difficult to guess—using "1234" is not a good idea, even if it is easy to remember.
  7. Sometimes hacks occur because an unsuspecting user clicks a link in an email or text message and enters their login information, thinking they are signing into a website they use often. If you're not completely sure that a message comes from a trusted source, never click unfamiliar links, open attachments, or reply to messages with personal information. [15]
  8. "Juice jacking" is a type of hacking that occurs when you plug a susceptible phone into a charging station that has malware installed. To avoid data theft and malware installation without your consent, stick to using your own charger. [16]
  9. Advertisement

Expert Q&A

Search
Add New Question
  • Question
    How can I be safe with my phone?
    Aydin Yildiz
    Electronics Repair Specialist
    Aydin Yildiz is an Electronics Repair Specialist and the Founder of Aasha Inc. With more than five years of experience, he specializes in phone, tablet, and computer repairs. Aydin holds an MBA from Southern States University.
    Electronics Repair Specialist
    Expert Answer
    Always check and see what's running in the background of your phone. Make sure you know what permissions these apps have, and that they aren't doing anything you don't want them to do, like tracking your location.
  • Question
    Hi, my 2 phones are hacked by a guy in the USA. I can't make calls, texts or use the internet. He has deleted my gigggaff account and my emails or changed the passwords. Advice please.
    AnotsSpaen
    Community Answer
    Download your android's firmware on your computer, and a version of odin from XDA developers, and then reflash the full phone back to normal after entering download mode.
Ask a Question
      Advertisement

      Tips

      • If the hacker performed activities that increased your phone bill, such as overusing your data plan or making long distance phone calls, contact your mobile provider to let them know you were hacked. Depending on the situation and the provider, you may be able to get a discount on the overage charges.
      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Name
      Please provide your name and last initial
      Thanks for submitting a tip for review!
      Advertisement

      About This Article

      Article Summary X

      1. Reboot your Android in Safe Mode.
      2. Remove admin access for apps.
      3. Remove apps you don't recognize.
      4. Turn off app installs from unknown sources.
      5. Clear all app caches.
      6. Change your Google account password.
      7. Install antimalware software and run a scan.
      8. Do a factory reset if necessary.

      Did this summary help you?
      Thanks to all authors for creating a page that has been read 111,543 times.

      Is this article up to date?

      Advertisement