Your phone might be listening to you right now, and not just through Siri. At least seven apps have been caught secretly recording calls, activating microphones, or tracking locations without any visible sign on the device. Some were built as spy tools from the start. One is a voice assistant used by more than a billion people.
Below is what federal regulators and investigative journalists have confirmed about each app, followed by step-by-step guidance on finding and removing them.
1. SpyFone
SpyFone is the only app on this list that the Federal Trade Commission has permanently banned. In September 2021, the FTC ordered the company and its CEO out of the surveillance business entirely and required it to delete all secretly harvested data from its servers. The agency found that SpyFone apps could monitor phone activity, including activating the device’s microphone and camera in some versions, all while running invisibly in the background.
The FTC also found that SpyFone’s lax security left the stolen data exposed online, meaning victims faced risks not only from whoever installed the app but from any hacker who stumbled across the unsecured servers. The agency required SpyFone to notify every person whose device had been compromised. It remains one of the most sweeping enforcement actions ever taken against a stalkerware company.
2. MobileSpy
MobileSpy was one of three products made by a company called Retina-X Studios. The FTC settled with Retina-X after finding that its apps captured calls, texts, photos, and location data while letting the installer hide the app icon so the phone’s owner would never know monitoring was active. That icon-hiding feature is a hallmark of stalkerware: software engineered to be invisible on the target’s device.
Retina-X marketed MobileSpy for monitoring employees and children, but the FTC noted that the same features made it trivially easy to repurpose for intimate-partner surveillance. The settlement required the company to strengthen its security practices and ensure its apps could not be used to secretly monitor people.
3. PhoneSheriff
PhoneSheriff was the second Retina-X product named in the FTC settlement. It was pitched as a parental-control tool, but it shared the same stealth-monitoring architecture as MobileSpy. Once installed, PhoneSheriff could log texts, track GPS coordinates, and record browsing history without displaying any persistent notification to the device owner. The FTC’s action against Retina-X covered PhoneSheriff’s data practices alongside those of its sibling apps.
4. TeenShield
TeenShield rounded out the Retina-X trio. Like its companion products, it was designed to run silently after installation and transmit monitoring data to a remote dashboard. The FTC found that Retina-X failed to adequately secure the data collected by TeenShield and its other apps, leaving sensitive information about monitored individuals vulnerable to unauthorized access. All three Retina-X products are covered by the same consent order, which imposed ongoing compliance obligations on the company.
5. FlexiSPY
FlexiSPY is a commercially available monitoring tool that openly advertises call interception, ambient microphone activation, and keystroke logging on its website. Investigative reporting by Vice’s Motherboard has documented how the app operates once installed on a target device, running in the background with minimal visible indicators. FlexiSPY typically requires physical access to the phone for installation, after which it can relay data to a web-based control panel.
No FTC enforcement action against FlexiSPY appears in the public record as of June 2026. Its inclusion here is based on its prominence in consumer-privacy reporting and its documented feature set, not on a confirmed regulatory finding. That said, the app’s own marketing materials describe capabilities that mirror the practices the FTC found objectionable in the SpyFone and Retina-X cases.
6. mSpy
mSpy is another widely discussed commercial monitoring app. It advertises the ability to read text messages, track GPS locations, monitor social media activity, and log keystrokes. Like FlexiSPY, it generally requires physical access to the target device for a full installation, though some features can be enabled through iCloud credentials on iOS devices.
mSpy has been the subject of multiple data breaches that exposed customer and target information, as reported by cybersecurity journalist Brian Krebs. No FTC enforcement action specifically targeting mSpy is reflected in the public record as of June 2026, but the app’s repeated appearance in breach reports and domestic-abuse case studies makes it a significant concern for anyone auditing their device for unwanted monitoring software.
7. Siri (Apple’s voice assistant)
Siri is different from the other six entries on this list. It is not stalkerware. But in August 2019, a whistleblower told The Guardian that recordings captured by Siri, including accidental activations that picked up private conversations, were being reviewed by human contractors as part of a quality-grading program. The source described hearing snippets of medical discussions, business negotiations, and intimate exchanges that users almost certainly never intended to share.
Apple suspended the contractor-review program after the story broke and issued a public apology, acknowledging that users had not been clearly informed about the extent of human review. The company later made audio grading opt-in and published updated privacy documentation. Siri’s inclusion here is not meant to equate a mainstream voice assistant with purpose-built spyware, but it illustrates a broader point: even trusted platforms can mishandle audio data, and users should understand what they are consenting to when a microphone is always listening for a wake word.
How to find and remove hidden recording apps
If you suspect stalkerware is on your phone, do not rush to delete it. The FTC’s consumer guidance warns that abruptly removing a monitoring app can alert the person who installed it, which may escalate danger in domestic-abuse situations. If you are in an abusive relationship, contact the National Domestic Violence Hotline (1-800-799-7233) or reach out to the Coalition Against Stalkerware before taking technical steps. Safety planning should come first.
Once you have a safety plan in place, here is what to do on each platform:
On Android
- Restart in Safe Mode (hold the power button, then long-press “Power Off” until the Safe Mode option appears). This disables third-party apps temporarily.
- Go to Settings > Apps and scroll through the full list. Look for apps with generic names like “System Service,” “Phone Update,” or anything you do not recognize.
- Check Settings > Security > Device Admin Apps. Stalkerware often grants itself administrator privileges to resist deletion. Revoke admin access for any app you did not authorize.
- Run a scan with a reputable mobile security app such as Malwarebytes or Lookout.
- If the app persists or reinstalls itself, a factory reset may be necessary. Back up photos and contacts first, but do not restore from a backup that might contain the stalkerware.
On iPhone
- Go to Settings > Privacy & Security > Microphone (and separately, Camera and Location Services). Review which apps have access and revoke permissions for anything unfamiliar.
- Check Settings > General > VPN & Device Management. If you see a configuration profile you did not install, it may be enabling monitoring software.
- For Siri specifically, go to Settings > Siri & Search and toggle off “Listen for ‘Hey Siri'” if you want to prevent passive microphone listening. You can also go to Settings > Privacy & Security > Analytics & Improvements and disable “Improve Siri & Dictation” to opt out of audio sample sharing.
- Update to the latest version of iOS. Apple has progressively tightened restrictions on background app activity and added notification indicators (the orange and green dots at the top of the screen) that show when an app is using the microphone or camera.
What to do if your data has already been exposed
If you believe personal information was collected by stalkerware, the FTC directs affected individuals to file reports at reportfraud.ftc.gov and to visit identitytheft.gov for identity-protection steps. Those steps include monitoring credit reports, placing fraud alerts, and freezing credit files. Spanish-language resources are available through consumidor.ftc.gov.
These tools exist because enforcement actions like the SpyFone ban revealed that stolen data can sit on company servers long after a victim discovers the intrusion. Regulatory remedies tend to focus on systemic fixes rather than individual compensation, so taking protective steps on your own is essential.
Staying ahead of the next recording app
No checklist can guarantee safety against a determined person with physical access to your device. But a few habits significantly reduce your exposure:
- Keep your operating system updated. Both Apple and Google have added stalkerware-detection features in recent OS releases, including microphone and camera indicator lights and alerts for unknown tracking devices.
- Only install apps from official stores. Most stalkerware requires sideloading or a jailbroken/rooted device. On Android, make sure Settings > Security > Unknown Sources is disabled.
- Use a strong lock screen. A six-digit PIN at minimum, biometrics if possible. Physical access is the primary installation vector for every stalkerware app on this list.
- Audit app permissions regularly. Pay special attention to microphone, camera, and location access. If a flashlight app is requesting microphone permission, that is a red flag.
- Watch for unusual battery drain or data usage. Stalkerware running in the background often causes both, because it is constantly transmitting recorded data to a remote server.
The confirmed enforcement record shows that hidden recording is not hypothetical. Federal regulators have shut down companies over it, and a whistleblower proved that even Apple’s own systems captured conversations users never meant to share. The seven apps above are not the only threats out there, but they are the ones with the strongest documented track records of covert recording. Knowing their names is the first step. Checking your phone is the second.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
