Skip to content

this is what mobile spy services are like that can land you in jail

23 mayo, 2021

If you have come this far you may have done it looking for a tutorial or guide on how to spy on an Android mobile. Well, we are sorry to tell you that you will not find it here, but you will see how these tools work, how much they cost and, of course, what can happen to you in legal terms.

We have investigated and tested different alternatives to see if they are real and meet expectations, and the truth is that … yes. The software exists, works, and is available to anyone who is willing to pay for it. But of course, we have also spoken with a lawyer specialized in Criminal Law who has made it quite clear to us that we can go to jail up to four years for using it, so it might not be a very good idea. But let’s not get ahead of ourselves, let’s start at the beginning.

From Xataka Android we do not encourage or encourage the use of these types of tools. For journalistic and informative reasons, we wanted to reflect how these applications work and what can be achieved, highlighting, above all, the legal consequences.

Hack WhatsApp: the dangers of applications that promise to spy on conversations

How to PROTECT your ANDROID from VIRUSES and MALWARE: Tips and Tricks

Spy on an Android mobile, this is how we have done it

Spy

A simple Google search is enough to discover countless programs that promise to spy on Android phones. It is curious, in fact, that the vast majority of companies that offer them have a neat website, with very white messages that imply that it is normal for you to want to use their software. For example, some companies say that it is parental control software, used to know where your children are and “have peace of mind” or to monitor employees who may put your company at risk.

Yes indeed, no one is responsible for how you use it. They provide you with the tools, how you use them is something that already depends solely and exclusively on you. Some of the applications make it clear in their legal terms that you can only use it on a personal mobile phone or that you own, that you have explicit written permission from the user to monitor and that you know that you must comply with the laws of your country. All this to end with a “you assume full responsibility for installing and using this software” and that “the company, seller or distributor is not responsible for any legal violation or consequence of using it”.

“Some reasons to spy on someone might be that parents need to protect their children from cyber threats, the partner who wants to see if their spouse is cheating on them, or the business owner who wants to check employee loyalty and see if they are filtering important commercial agreements or not “- Arguments of one of the websites that offer spyware.

And how do they work? It is not much of a mystery, but they have the slight drawback that you must have, yes or yes, access to the victim’s mobile, that is, you must have in your possession the mobile you want to spy on. In fact, it is curious how simple and fast the configuration process is, just a couple of minutes if you are moderately agile and know what you are doing.

Download Apk All the services have in common that you must install an APK file on the victim’s mobile.

All of these services have two components: a client on mobile and an online control panel. For the tool to work, the company provides you with an APK file that you must install on the mobile to spy. When you do, this software monitors all the activity of the device and allows you to check its status remotely through the control panel. Obviously, the mobile must always be connected to the Internet.

The first thing spy tools ask you is to deactivate Google Play Protect

When you install an APK file like this, Google Play Protect detects that it is a malicious file whose behavior resembles, if not the same, that of a Trojan on PC. After all, it has built-in functions like a keylogger (to track keystrokes), location access, etc. Therefore, the first thing they ask you before installing the APK is that disable Play Protect, since otherwise the mobile would detect certain suspicious activity and warn the user or, directly, uninstall the application from one moment to the next.

Configuration 1 The first thing applications ask us is that we deactivate Google Play Protect to prevent the device from detecting the malicious application.

Also, when you disable Play Protect, you have to grant you all the permits you have and for having: location, SMS and MMS, calls, contacts, record audio, take photos and videos, access to photos, multimedia content and files, and calendar. You must also deactivate battery optimization (so that Android does not close it when it is in the background), activate accessibility permissions (so that the app does not stop if the mobile is restarted, for example) and activate the device manager ( to prevent the phone from locking or enable remote file deletion).

Configuration 2 The setup process can change from one app to another, but they all require you to give them all possible permissions, set it up as a device administrator, etc.

Once you have opened all the doors of the mobile, the application shows a button to hide the app drawer icon and start monitoring. And do not think that it is easy to find it in Settings> Applications, nothing is further from the truth. The application disguises itself with a technical name like “Sync Services”, “System Service” and the like. If Android notifies the user that “Sync Services is accessing your location”, possibly he will think that it is something from the mobile and that it does not deserve more attention.

And it works, of course it works. After all, you have disabled all security measures on your mobile, so you are literally at your mercy. Right here below you can see how we have managed to access the GPS location almost in real time of a test mobile with software that, by the way, is free.

Location With the software we can see the location of our victim in real time. The address has been blurred for privacy reasons.

This other software that you have here below allows take a photo with the internal camera every time the victim unlocks the device and access the screenshots that the user has taken. If you click on it, you can download it to your computer and even know the exact geographical coordinates. This one, for example, was made to me when I unlocked the phone to see if the app was properly configured. You can also see how it has recorded the screenshots I have taken.

Spy 2 In the image above you can see how the application has taken a photo of me without my knowing it when unlocking the screen. The image below shows the record of screenshots that have been taken from the mobile.

It is not the only thing you can do. In other software, you can activate the camera and take live photos, record ambient sound, check received messages (be it WhatsApp, Telegram, Line or whatever app you want) by registering notifications and messages sent using a keylogger, accessing the gallery, viewing call history, browsing history … You can access everything, absolutely everything, as long as you are willing to pay.

The software they are not exactly cheap. There is a high demand, so companies do not hesitate to set quite high prices. We are not going to say the name of the companies, but in the following table you can check the price ranges of all the ones we have investigated:

PRICES

SERVICE 1

Standard: $ 21.99 per month
Premium: $ 25.9 per month
Gold: $ 30.99 per month

SERVICE 2

Basic: $ 29.99 per month
Premium: $ 35.99 per month

SERVICE 3

Basic: 26.99 euros per month
Premium: 59.99 euros per month
Family package: 52.82 euros per month

SERVICE 4

Premium: $ 68 per month
Extreme: $ 199 every three months

SERVICE 5

Personal: $ 29.95 per month
Family: $ 49.95 per month

SERVICE 6

$ 7.90 per month

SERVICE 7

Premium: $ 29.99 per month
Ultimate: $ 39.99 per month

Some services offer discounts if you buy an annual subscription or month-long packages. Base prices are shown here.

The myths of mobile hacking

spy

We see that it is completely possible to spy on an Android mobile (some software also works on iOS through company certificates of dubious origin), although it is clear that, in one way or another, it is necessary to have physical access to the terminal. This is not to say that it is not possible to hack a device remotely using phishing attacks, for example.

These types of attacks do not require the user to install an app, but rather to be caught in a trap. The most famous case was Celebgate, when hundreds and hundreds of photos of celebrities were leaked after a hacker accessed their iCloud accounts. As it did? Sent an email pretending to be Apple and requesting that they log into their accounts. He created a fake website, those affected entered their credentials in it and voila, the hacker obtained the users and passwords. The rest, as they say, is history.

Milanuncios Some “hackers” offer their services in milanuncios, ranging from hacking a mobile phone to erasing traffic tickets. They usually ask you to contact by WhatsApp.

There are several people who are advertised through pages as milanuncios that promise to hack a mobile remotely. Well, this, and everything you want, like eliminating fines from the DGT, getting competitive exams, hacking betting sites and casinos … We called a few to see what they were capable of doing, but when they picked up the phone they stayed listening to us and they didn’t say anything.

Be that as it may, what is clear is that using these types of tools is not a good idea. Beyond the fact that it is unethical and morally questionable, if the person you are spying on catches you (because they see high battery consumption or data from a service that they do not know and become suspicious, for example), they can file a complaint and send you to jail.

And what can happen to you at the legal level?

Spy 1

Although the services are advertised as a parental control system, to be sure your family is okay and other white collar arguments, it is clear that using the software without the consent of the other person is not legal. Be careful, do not install, use. That you install the application is one thing and that you use it to access personal data fraudulently are different things.

It does not matter if it is your wife, your husband, your son, your daughter or a distant cousin, if the person discovers that you have been accessing their information without their consent and files a complaint, tea…