Hidden Android Administrator Apps

Tips to keep your phone secure

Hidden administrator apps are a type of malware that target Android devices. These threats are characterized by stealth implementation and elevated user privileges, so you don't easily see them and they can do more than a regular app can.

Not all Android administrator apps are malicious and not all malicious apps are hidden or have admin rights, but it's possible for fake apps, spyware, and other unwanted apps to be both.

What Do Hidden Admin Apps Do?

A hidden device admin app—another name for this malware—is an infected application that installs with administrator privileges. The app might hide away from all your other apps, so you have a hard time knowing if it's even installed. Since you don't see it on your home screen, you can't easily remove it.

What's more is that an app with admin rights can't be deleted the normal way even if you do find it. You have to remove its administrative status before you can delete it. There's a legitimate reason for such a restriction (e.g., an antivirus app might have admin rights so that malware can't delete it), but the issue here is that there's a malicious admin app installed.

With administrator privileges, the malware obtains control of the device and can run any code that the app has embedded within it, including installing additional malware, stealing your passwords or files, participating in botnets, and mining cryptocurrency.

How to Find and Delete Hidden Administrator Apps

When the malware attempts to install, it will ask you to grant it elevated privileges. If you deny this request, the app will display frequent pop-up messages, often after you restart the device, asking again for those privileges.

However, pop-up messages don't necessarily mean that the app is malicious. A better way to confirm if you have unwanted, hidden admin apps installed is to check a particular setting on your phone/tablet.

Use Your Device's Settings

  1. Find all the apps that have admin privileges. This is the common way to list them, but the path you take to get there depends on your Android version:

    • Security > Device admin apps
    • Security & privacy > Device admin apps
    • Security > Device Administrators
    • Lock Screen and Security > Other Security Settings > Phone Administrators.
    Android phone with the Security & Privacy and Device admin apps settings items highlighted
  2. Once you've accessed the list of device admin apps, disable admin rights by tapping the option to the right of the app. This will remove the check mark or toggle the button to the off position.

  3. Now you can delete the app normally. On some devices, you can tap the app right there in the admin apps list and then use the Uninstall app link to remove it immediately.

Unfortunately, this method won't work for all variants of this malware since some hidden administrator apps can hide this deactivation option. You can find other installed apps through Settings > Apps & notifications > See all <#> apps, or Settings > Apps > All.

Apps & notifications and

If you're not sure what you're looking for but you suspect that there's a hidden Android administrator app installed, this might be a good time to delete any and all apps you don't use anyway so that that only legitimate apps your recognize are left on your device.

Try a Third-Party App

If you're having troubles finding the hidden Android admin app, Malwarebytes should be helpful. From the menu, tap Privacy audit and then can be Device Administrator. Listed there are all the apps installed on your device that can take on an admin role.

Android admin apps listed in Malwarebytes app

If you select one of those apps, tap App info on the next page to find the Uninstall option.

Run a Virus Scanner

The Malwarebytes app listed above includes a malware scanner, but there are other antivirus apps for Android that you could use instead of or in addition to Malwarebytes.

A virus scanner should be helpful because the hidden admin app most likely includes signatures that match malware, in which case the antivirus app will be able to delete it.

How to Prevent Hidden Administrator Apps

Your best defence against hidden Android admin apps is caution when downloading and installing all apps.

Follow these basic security best practices when dealing with Android apps:

  • Pay close attention to where you found the app. Only download from a reputable app store, like Google Play or Amazon Appstore, avoiding pirated and unofficial sources.
  • Read app reviews before downloading an app. Users often rate an infected app poorly and warn others to avoid it.
  • See who's releasing the app. If it's not the name of the company that made the app or it's a name you don't recognize, do some research and visit their website to get a full understanding of who they are and why they offer that app.
  • Be aware of the prompts you see on your device. If an app is requesting admin rights, ask yourself if it's really necessary. It makes sense for legitimate security-related apps to request such permissions so that the screen can be locked by the app or data can be erased remotely, but other apps don't usually need those rights, like a calculator, messaging app, bank app, etc.
  • Keep your device updated to address security flaws that a hidden admin app could penetrate.

Other Kinds of Hidden Apps

Some Android apps aren't hidden because they're malicious but instead because they were purposefully hidden. For example, a teen might be hiding images, videos, or other apps away from parents.

Look through the list of apps on the device to see everything that's installed, not just what's visible on the home screen. Also look out for apps made specifically for hiding things. They might go by the name AppLock, App Defender, or Privacy Manager. In some cases, if it's a vault app, the name could be cloaked to remain inconspicuous. Most privacy apps are probably password protected.