If you have arrived by now, you may have been looking for a tutorial or guide how to spy on Android mobile. We are sorry to say that you will not find it here, but you will see how these tools work, how much they cost and, of course, what can happen to you in legal terms.
We have researched and explored different alternatives to see if they are realistic and meet expectations, and the truth is … yes. The software is available, functional, and available to anyone willing to pay for it. However, we have also spoken to a special lawyer in the Criminal Law that has made it very clear to us we can go to jail for up to four years to use itSo it may not be the best idea. But let's move on, let's start at the beginning.
At Xataka Android we do not endorse or encourage the use of this type of tool. For journalistic and informational reasons, we wanted to look at how these programs work and how they can be accessed, to highlight, above all, the legal consequences.
Spy on Android mobile, so we have it
A simple Google search is enough to find many applications they promise to spy on Android phones. Surprisingly, in fact, most of the companies that provide them with a well-maintained, whitewashed account have a good idea that you usually want to use their software. For example, some companies say it's parental control software, which is used to find out where your children are and have "peace of mind" or to monitor employees who may put your company at risk.
Yes, no one is responsible for how you use it. They give you the tools, how you use them is something that only depends on you. Some applications make it clear in their legal terms that you can only use it on a personal phone or that you own, that you have written consent of the user monitor and know that you must comply with the laws of your country. All of this ends with "assuming full responsibility for installing and using this software" and that "the company, vendor or distributor is not liable for any copyright infringement or consequence of using it".
"Some of the reasons we want to see someone may be that parents need to protect their children from cyber threats, the couple who wants to see if their spouse is cheating on them, or the business owner who wants to check the employees' loyalty and check whether to filter important sales agreements or not" – Debates on one of the websites which provides spyware.
And how do they work? They don't have a big secret, but they have that little bit you must have, yes or yes, access to the victim's mobile phoneThat is, you have to have your mobile phone you want to pay attention to. In fact, it's amazing how easy and quick the configuration process is, just a few minutes when you're older and you know what you're doing.
All these services have two components: mobile client and online control panel. In order for the tool to work, the company provides you with an APK file that you must install on your mobile phone for testing. When you do, this software monitors all device activity and lets you monitor its status remotely through the control panel. Obviously, the cell phone should always be connected to the Internet.
The first thing the tools ask you to do is disable the Google Play Protocol
When you install an APK file like this, Google Play Protect considers it to be a malicious file whose behavior is similar, if not more, to Trojan on PC. After all, it has built-in functions such as keylogger (key tracking), location access, etc. So, the first thing they ask you before installing the APK is do Protect Protection, because otherwise the phone will detect some suspicious activity and alert the user or, more precisely, uninstall the app at any time.
Also, if you disable Play Protect, you should give you all the permission you have and have: location, SMS and MMS, calls, contacts, sound recordings, taking pictures and videos, accessing photos, multimedia content and files and calendar. You should also activate battery efficiency (so that Android doesn't close it when it's in the background), activate access permissions (so the app won't allow when the phone is reopened, for example) and activate the device manager (preventing the phone from locking or enabling remote file removal).
Once you have unlocked all the mobile doors, the app shows a button to hide the app icon icon and start monitoring. And don't think it's easy to find in Settings> Applications, nothing else is going on from the original. The application disguises itself with technical names like "Sync Services", "Service Service" and the like. If Android were to inform the user that "Sync Services is accessing your location", they might think that it was something taken from a mobile phone and deserved no extra attention.
And it works, obviously it works. After all, you have disabled all the security mechanisms of your phone, so it is at your mercy. Here below you can see how we were able to access GPS location in real time from a test mobile device that is, by the way, free.
The specific software you have below allows it take a picture with the inside camera every time the victim opens the phone and access the screenshots taken by the user. If you click on it you can download it from the computer and even know the exact links to the world. This, for example, I did when I opened the phone to see that the app was built correctly. You can also see how you recorded the screenshots I took.
It's not the only thing you can do. In other software, you can operate the camera and take live pictures, record live audio, check the received messages (WhatsApp, Telegram, Line or app you want) with a notification log and messages sent via keylogger, access the gallery, view call history, browsing history … You can start accessing everything, everything, as long as as long as you are willing to pay.
Software they are very cheap. There is a great need, so companies are not shy about setting higher prices. We can't name the companies, but in the following table you can see the price ranges for all of those we surveyed:
PROGRAMS |
|
---|---|
SERVICE 1 |
Standard: $ 21.99 per month |
ACTIVITY 2 |
Basic: $ 29.99 per month |
ACTIVITIES 3 |
Basic: 26.99 euros per month |
ACTIVITIES 4 |
Payment: $ 68 per month |
ACTIVITY 5 |
Personal: $ 29.95 per month |
ACTIVITY 6 |
$ 7.90 per month |
SERVICE 7 |
Payment: $ 29.99 per month |
Some services offer discounts when purchasing yearly subscriptions or monthly packages. Prices are visible here.
Mobile hacking myths
We see that it is entirely possible to spy on Android mobile (Other software also runs iOS using company certificates of undesirable origin), but it is clear that, in some ways, physical access is required to the terminal. This does not mean that it is not possible to log a device remotely for phishing attacks, for example.
These types of attacks do not require the user to install the app, but rather to bite the snare. The most famous case was Celebgate, when hundreds and hundreds of celebrity photos were exposed after an intruder hacked into their iCloud accounts. As it did? He sent an email like Apple and they are asking to log into their accounts. He built a cached website, those affected put their credentials in it and voila, the hacker discovered users and passwords. Some, as they say, history.
There are several people who say Advertise with pages as my ads that promise to hack a cellphone away. Yes, this, and everything you need, like clearing the DGT fine, getting opposition tests, entering gambling sites and casinos … We called a few to see what they could, but when they got the call they kept listening and saying nothing.
Either way, it's clear that using these types of tools is not a good idea. Otherwise questionable and morally questionable, if the person you are investigating caught you (because they see high battery usage or data from a service they don't know and suspect, for example), they can file a complaint and send you to jail.
And what can happen to you legally?
Although the services are advertised as a parental control program, to make sure your family is OK with other white glove disputes, obviously using software without the permission of another person is not illegal. Be careful, do not install, use. Saying that installing an app is one thing and that using it to access personal data is tricky are different things.
It does not matter if it is your wife, your husband, your son, your daughter or a distant cousin, if that person finds out that he or she obtained personal information without their permission and files a complaint, you are in danger of going to jail. Depending on the situation of the judge, the context and how it is interpreted, but the law is the law.
And what does the law say? To overcome these doubts speak to Federico González Barrera, a researcher in the Department of Criminal Justice at the University of Granada and a special lawyer in the Criminal Law. As he tells us, "the possibility of getting personal information from a mobile app is a very exciting issue that has led to the change in the Penal Code since LO 1/2015".
If the information is released without the consent of the owner, the fine can be imprisoned for 1-4 years and a fine of 12-24 months
With the modification of this "article 197 was modified", add four new articles "aimed at ensuring the effectiveness of i puniendi (literally translated "right to punishment") before a new legal-criminal matter such as the use of new technologies to steal personal data"
According to what he tells us, "Section 197.1 regulates a type of basic and historical crime, that is, one who punishes a confidant who violates the privacy of another, without the consent of the taxpayer (victim)." This may include emails, messages, files … If done without the owner's permission ", it may give you the effect of this provision on its fines. imprisonment for 1-4 years and a fine of 12- 24 months"This will increase if, for example, these photos are transferred to third parties, under article 197.3 CP.
As for the current case, "I think we should go to the novel articles 197 bis and ter, including charges of fraud, hacking, and new ways of using computer equipment to commit crimes committed under art. 197. 1 and 2 CP. "
The first of them (197.bis.1) "describes the crime of accessing information systems". With this new invitation, the lawyer continues, "the fact that the prostitute allows any third party access to computer data or information systems is punishable." This crime is known as "cybercrime".
"I think the article 197 is the most accurate one to answer the question you ask me," continued González. "This law affected the types of preparation for participation in the acts provided for in the article 197.1 and 2 CP" and for this crime to occur "it is necessary to have a previous category of crime, that is, have a working title (author) raised, before the criminal case was cited in 1977 (finding information, photos … with or without the permission of the author), to facilitate the transfer of these cases to third parties from the creation of a computer program (such as an application) or an access code that allows access to all or part of the information system ".
Companies wash their hands of how a user uses software. It's like blaming a knife-wielding criminal
However, we're talking about programs that, at least for the gallery, are marketed as parental control software too they don't care how the user uses them. Put it this way: A gun maker is not responsible for someone who uses their weapons to kill, just as a knife maker does. The alternative would be for the app to advertise as a test software and to do the things we saw that could be done (if any), and that's where things would change.
"Article 197 fines a fine of six months to two years in prison in that case creating an app that facilitates access to information processes (be it computer, cell phones, tablets …) and, in addition, said that the app permits the removal (with or without the victim's consent) protected by Article 18.3 of the Spanish Constitution. "For example, if a friend of the program proposes to you to apply for spying on your spouse, he or she can kill a sentence sentenced between six months and two years in prison with you, to use it, between one and four years in prison and a fine of between 12 and 24 months.