Mobile device compromise is one of the fastest-growing cybersecurity concerns for individuals and professionals alike — especially in Nigeria where targeted attacks against journalists, lawyers, and government officials have been documented. Here are five signs your phone may have been compromised.
Spyware runs continuously in the background — monitoring calls, capturing screenshots, and transmitting data. This causes abnormal battery consumption even when the phone is idle. If your battery started dying faster with no change in usage, this warrants investigation.
Check your monthly data usage per app in Settings. Spyware must transmit the data it collects — screenshots, microphone recordings, location data — back to a C2 server. Look for unfamiliar apps using significant background data.
If your phone is physically warm when it has been sitting unused for hours, something is running. Normal phones do not generate significant heat at idle. A warm idle phone suggests background processing — potentially malicious.
On modern Android and iOS, a green or orange indicator dot appears when any app accesses your microphone or camera. If you see this indicator when you are not in a call or taking photos, investigate immediately which app triggered it in your Privacy settings.
Stalkerware often hides itself but can leave traces — disabled security settings, unfamiliar apps with device administrator privileges, or accessibility services granted to apps you do not recognise. Audit these regularly.
What to do: Factory reset is the most reliable fix. Before that — backup nothing that might carry the malware over. If you believe you are a targeted individual (journalist, activist, government official) contact a digital security professional before doing anything — evidence preservation matters.
Written by O.T. Nathaniel, AMICDFA, CCEP, CBTP — SOC Analyst & Founder of Cyber Nate