We stand with Ukraine to help keep people safe. Join us

Tags Spying

Hermit Spyware

Worried that you’re being spied on? In 2022, security researchers discovered Hermit, a new type of government-grade spyware that infects both iOS and Android devices. Below, we’ll explain what Hermit is, how to detect it, and how to protect your device from spyware. After you’ve learned about Hermit spyware, make sure to run a deep scan with Clario AntiSpy to see if your device has become infected.

Table of contents

Hermit spyware–key facts

Hermit is a type of malicious software that’s used to spy on a mobile device, logging any activities and personal information on that phone.


How does spyware work? By disguising itself on the victim’s device, Hermit can record keystrokes and passwords, take screenshots, monitor browsing habits, track location data, intercept phone calls, and more. It can then send all of this stolen data to a remote server controlled by the cybercriminals.

Who created Hermit spyware?

Hermit was created by the RCS Lab, the Italian spyware company that was also behind the notorious Pegasus spyware. The RCS Lab creates and sells spyware like Hermit to government agencies to enable them to spy on their citizens for counterterrorism purposes.


You might be wondering, is spyware illegal? It depends. In this case, RCS Lab claims they’re operating legally under European policy and laws.

How dangerous is Hermit spyware?

Hermit is extremely dangerous, especially when used by malicious actors. Not only can Hermit be used to siphon all of your sensitive data, but it can also be used to stalk you, monitor your phone calls, and steal your identity.

How to detect Hermit spyware

Hermit is sophisticated spyware, so it’s very difficult to detect and even harder to remove. However, we might be able to help.

How to find Hermit spyware on iOS

It still isn’t known how hackers install Hermit on iOS devices. This means that the only way to detect it is to look for the generic signs of a spyware infection or use a specialized app like Clario AntiSpy to uncover it.


To use Clario AntiSpy:

  1. Download Clario AntiSpy and create an account
  2. Go to Spyware scan
  3. Select Run a deep scan and follow the on-screen instructions to run a spyware scan.
How to run a deep spyware scan on your mobile device.

If you’re still unsure, look for these warning signs:

  • Unknown apps installed on your phone. If you are using an iPhone, from the home screen, swipe left to access the App Library. Perform an analysis of the list for any apps that you aren’t sure of. Uninstall any that look suspicious or that you no longer use.
  • Increased data usage and decreased battery life. If your phone suddenly begins using more data, you might have a spyware or malware infection. Likewise, if your phone suddenly begins running out of battery quicker, it might be infected.
  • Suspicious configuration profiles. Mobile device management (MDM) profiles are used to gain access to an iOS device's deeper settings. Go to Settings > General > Profile & Device Management. If there are any profiles installed here, you might have a spyware infection.

How to find Hermit spyware on Android

Hermit malware is usually installed on Android devices when the user is tricked into downloading a malicious app. To detect Hermit spyware on Android:

  • Scan your device with Clario AntiSpy. Download Clario AntiSpy for Android. Select Spyware scan, then tap Run a deep scan.
  • Check for suspicious apps. Go to Settings > Apps and scan the list for any apps you don’t remember installing.

How to protect yourself from Hermit spyware

Here’s how to protect yourself from Hermit spyware:

  • Only download official apps from the App Store or Google Play Store. Since Hermit is usually installed via a fake app download, you can avoid it by only downloading apps directly from the official source.
  • Check Google Play Protect settings. Google Play Protect helps safeguard Android phones against malicious apps. Make sure it’s turned on by going to the Google Play Store settings menu.
  • Know the signs of a phishing attack. Many malicious apps are installed using social engineering tactics like phishing. Knowing what a phishing attack looks like can help you avoid them, ensuring that you remain safe.
  • Update your device to the latest version. Both Apple and Android have released updates that protect your devices against the Hermit spyware. Updating your phone to the latest version ensures that these protections are in place.


Since so little is known about Hermit spyware, it can be hard to detect and remove. If you’re worried that your device has been infected with Hermit, we recommend performing a factory reset immediately. This will delete everything on your device, resetting it to the initial, clean state.

Keep reading

Is your phone being spied on?

Get started