Android's built-in security is failing to protect users from stalkerware, leaving many vulnerable to digital surveillance. This is a serious issue, and it's something everyone with a smartphone should be aware of.
A recent evaluation by the Electronic Frontier Foundation (EFF) and AV-Comparatives revealed some alarming findings about how well Android antivirus apps detect stalkerware. The tests, conducted in August and September of 2025, showed significant differences in detection rates among popular security products. Some of them failed to identify nearly half of the tested spyware samples.
These insidious apps, often disguised as parental control or employee monitoring tools, allow for the covert surveillance of a victim's texts, calls, location, photos, and app usage. Sadly, this type of software is particularly prevalent in cases of intimate partner abuse. Installing stalkerware usually requires physical access to the device; once installed, the spyware hides itself, sends collected data to a remote server, and often resists uninstallation.
But here's where it gets controversial... The companies behind these tools often exploit legal gray areas. While selling the software might be lawful in some jurisdictions, installing it without consent is generally illegal. Vendors often include disclaimers suggesting the buyer must inform the device owner, but their software is explicitly designed for stealth. Previous breaches, including those affecting SpyX, Cocospy, and Spyic, have also exposed collected data to the public, adding a broader cybersecurity dimension to the issue.
Let's dive into the specifics: The joint test by the EFF and AV-Comparatives pitted 13 leading mobile security products against 17 real-world stalkerware samples. The results were quite varied. Malwarebytes emerged as the top performer, detecting 100% of the test cases. Bitdefender, ESET, Kaspersky, and McAfee followed closely, each achieving a 94% detection rate.
And this is the part most people miss... Android's built-in security solution, Google Play Protect, detected only 53% of the samples – the lowest score of all the products tested. Trend Micro and G Data also underperformed, with detection rates of 59% and 65%, respectively.
While the 2025 test showed improvements compared to previous tests in 2020 and 2021, AV-Comparatives warned that generic threat labeling and inadequate user notifications remain widespread. This means victims might not fully understand the danger they're facing or how to respond safely.
The researchers also noted that many of the 17 apps tested were repackaged versions of the same underlying codebase, suggesting a shrinking but still persistent ecosystem. This decline in diversity could be linked to regulatory pressure or the rise of physical trackers like Apple AirTags, which are increasingly used in stalking scenarios.
Crucially, the test didn't just measure whether stalkerware was detected. It also evaluated how each product reported threats. Clear, contextual warnings are essential to help victims understand the danger. Generic alerts like “Potentially Unwanted Application” or “Threat Detected” fail to convey the severity of the risk. Only a few products explicitly labeled threats as stalkerware or explained their capabilities. Kaspersky was the only app tested to warn users that immediate removal could alert the abuser, a key safety consideration that remains overlooked by most vendors.
While none of the apps removed stalkerware automatically (a positive, as this could provoke retaliation), the lack of secure notification channels, such as out-of-band alerts via email, poses another risk. In situations where the abuser monitors the victim’s screen activity, in-app alerts could inadvertently tip them off.
So, what can you do? If you're concerned about stalkerware, consider using a mobile security app with proven detection capabilities. Don't rely solely on Android's default Play Protect system.