Codes, signals, and complete steps to find out if your Android phone has been hacked and how to fully protect it.

  • Learn the key codes to detect hacks and data theft on your Android phone.
  • Identify all the technical signs and suspicious behaviors that indicate your smartphone may have been compromised.
  • Discover prevention strategies and best practices to protect your privacy and avoid future malware or spying threats.
IsaacUpdated on

8 minutes

Codes, signals, and complete steps to find out if your Android phone has been hacked and how to fully protect it.

Nowadays, the security of our Android mobile is more important than ever. From personal conversations to Bank data and critical passwords, our devices collect every aspect of our digital lives, becoming one of the main targets of hackers. cybercriminalsFortunately, there are methods endorsed by experts and security forces to identify if your mobile phone has been intervened, hacked or spied on, the following being secret codes a straightforward and easy-to-use tool for any user.

In this extensive article you will find a fully updated guide, exhaustive and detailed which covers the best secret codes, the most reliable technical signs of hacking, steps to check your phone, recovery techniques, and, especially, advanced prevention and digital protection strategies. If you suspect someone may be accessing your private information, here you'll discover how to act, protect yourself, and regain your peace of mind.

Why is your phone hacked? Cybercriminals' main tactics

codes to know if your phone has been hacked

The advancement of technology and our dependence on smartphones has made it easier for those seeking to profit from malware, spyware and advanced social engineering techniques. The main motives and methods of attack include:

  • Installation of malware and spywareDownloading apps from unofficial sources or unknown APKs can introduce viruses, Trojans, adware, and spyware that can steal passwords, record conversations, track your location, or intercept your messages.
  • Insecure public Wi-Fi networks: Hackers use techniques known as Man-in-the-middle to intercept your data when you connect to unprotected open networks, capturing sensitive information or modifying data packets sent and received.
  • Phishing and fraudulent messages: SMS, WhatsApp, emails, or even fake calls can try to trick you into clicking on malicious links or revealing your credentials. Phishing is one of the most effective ways to distribute mobile malware.
  • Apps with excessive permissions: Some seemingly innocent apps request unnecessary permissions, such as access to the camera, microphone, location, contact list, or SMS, allowing control and spying on the user.
  • Vulnerabilities and system outdatedness: Failing to install recent operating system or app updates opens the door to known exploits and security flaws that attackers can exploit.
  • Stalkerware and custom spyware: Even close people can install spyware to monitor calls, messages, location, and general device activity.

The ultimate goal: access your personal and banking data, private messages, images, or even take complete control of your device to commit fraud, blackmail, or impersonate you. Understanding the attack pathways is the foundation for staying alert and responding quickly.

Main technical signs that your phone has been hacked

hacked cell phone signals

There is no single sign that indicates 100% that your phone has been hacked, but there are multiple symptoms and abnormal behaviors which, when combined, can raise well-founded suspicions. Here is the most complete and detailed list of intrusion indicators:

  • Unusual overheating: The device becomes hot even when idle due to hidden processes or malicious apps running in the background.
  • Sudden drop in autonomy and battery: If you notice your battery draining much faster than usual, even after replacing or calibrating it, it could be spyware, Trojans, or malware.
  • Messages, calls, posts, and actions you don't recognize: If your contacts receive suspicious messages from your number or see posts you don't remember making, it's a clear sign of compromise.
  • Unknown applications installed: Seeing new apps that you don't remember downloading often indicates that your phone has been compromised or that a legitimate app has been modified.
  • Pop-ups, ads, and intrusive pop-ups: The recurring appearance of ads and strange windows when opening any app may be due to adware installed.
  • Unusual spikes in data usage: A significant increase without changing your usage habits could be due to malicious apps sending information to remote servers.
  • Unexpected changes in configuration or settings: Call forwarding, PIN changes, GPS being activated for no reason, or screen lock changes may indicate remote tampering.
  • Notifications disabled or blocked: If you suddenly stop receiving notifications from WhatsApp, social media, or email, an intruder may be silencing your notifications to act undetected.
  • Disappearance of contacts or appearance of unknown numbers: If you notice strange changes in your address book, your contact list has probably been modified or cloned.
  • Noise, interference, or strange sounds during calls: Recurring interference or unusual noises may indicate that the call is being eavesdropped or recorded.
  • Automatic and unusual power on, power off, or restarts: Malicious scripts can reboot the device to complete an illegal update or erase traces.
  • Slow performance or apps that take a long time to open: A general system slowdown is common when several hidden processes are active.
  • IMEI changes or warnings from your carrier: If your carrier notifies you of suspicious activity, unauthorized SIM swaps, or blocks your services.
  • Unexpected billing and premium service messages: If you notice strange charges on your phone bill or receive unsolicited subscription SMS, malware may have activated premium-rate services.

The sum of several signs should motivate you to use secret codes and follow the rest of the technical checks you'll see below to rule out or confirm a possible hack.

Secret codes to find out if your Android phone has been hacked

secret codes to detect hacking

Los MMI and USSD codes (Man-Machine Interface and Unstructured Supplementary Service Data) are combinations you can enter from your Android phone's keypad to check for data diversions, spying services, IMEI manipulation, or hidden intrusions. To learn more about how to respond, also read how to know if your mobile camera has been hacked.

These codes are universal for most mobile phones and operators. Here are the most reliable and recommended by the Police, cybersecurity experts and international organizations:

  • 002 ## #: Eliminate all call, SMS and data forwarding on your line. It's the first step to stopping any malicious call forwarding (very useful against SIM swapping hacks or call forwarding spying).
  • * # # 62: Shows which number your calls, SMS or data are diverted to If the phone is off, out of range, or unresponsive. If an unknown number appears, contact your carrier immediately.
  • * # # 21: Check if there are active diversions and where your calls, messages or data are being sent.. Useful to know if there is a general intervention of the device.
  • * # # 06: Show the IMEI of your mobile, essential for reporting theft or cloning of the device. Compare this number with the one on the original box.
  • * # * # * # * # 4636: Advanced phone information: Battery diagnostics, statistics, connections, and network. Detects suspicious activity, abnormal apps, connections to unknown data, and location tracking.
  • * # * # * # * # 197328640: Network diagnostics and monitoring: Detects if there are any tracking, location attempts or monitoring of the mobile.
  • * # * # * # * # 232338: Check the MAC address Wi-Fi, useful for ensuring that it has not been impersonated through MITM (man-in-the-middle) attacks.
  • * # * # * # * # 1472365: Quick GPS test to know if your location has been tracked or if there is unauthorized access to your location.
  • * # * # * # * # 7780: Start factory reset as a drastic solution if you fail to eliminate the infection or hack.

To use any of these codes, simply access the Phone app, enter them from the keypad, and press the call button. The system will immediately display the status of these settings and, in some cases, ask you for confirmation before applying the changes.

checking with hack codes

Detailed explanation of the four universal codes recommended by experts

verification with mobile security codes

  • ##002# – The Great Detour Reset
    That makes? Eliminate absolutely all call forwarding activated on your phone, whether intentional, caused by malware, or configured by a third party. Whether the call forwarding is for calls, text messages, or data, this code completely erases it and leaves your line "clean."
    When to use it? If you suspect spying or if your contacts report problems locating you.
  • * # # 62: The hidden redirect detector
    That makes? It clearly shows you which number or service your calls, texts, and data are being diverted to when your phone is out of service or turned off. This is ideal for detecting spying attempts through redirection.
    When to use it? If you notice recurring missed calls, or your friends/family tell you they can't reach you even though your phone is on.
  • * # # 21: The intervention check
    That makes? It reveals whether there is any active diversion for calls, messages, or data, and whether they are being forwarded to an unauthorized number.
    When to use it? Whenever you want to check the overall status of security and detect possible remote listening or surveillance.
  • * # # 06: The IMEI, your mobile ID
    That makes? Display your device's unique identifier. It's vital to note it down in case of any theft, cloning, or serious security issues.
    When to use it? After changing your SIM, if you notice unusual behavior, or if your carrier requests it to verify your identity.

Important: If any of the above codes show suspicious information (forwarding to strange numbers, changed IMEI, routes you don't recognize), act immediately following the technical recovery and prevention guide below.

Other advanced codes and tools for demanding users

advanced hacking diagnostics

Some Android devices, depending on the brand, model and system, support additional codes for expert diagnostics:

  • * # * # * # * # 232338: Check the Wi-Fi MAC address displayed in settings to detect cloning or MITM attacks.
  • * # * # * # * # 1472365: Performs a full GPS test, useful if you suspect your location has been tracked or tampered with remotely.
  • * # * # * # * # 7780: Quick access to wipe and factory reset. Only use after backing up.
  • * # * # * # * # 197328640: Advanced network event and monitoring diagnostics.

Remember that these codes may vary or be restricted by the manufacturer. Always consult official help or specialized forums if a combination doesn't work on your model.

What to do if you suspect your Android phone has been hacked? Advanced recovery protocol

recover mobile phone after hacking

If you experience any suspicious symptoms or results after using the codes, follow this protocol to: shield your privacy, prevent further damage and recover your phone:

  1. Disconnect your mobile from the internet and networks: Turn off Wi-Fi and mobile data immediately to cut off potential remote control connections.
  2. Review and remove suspicious apps: Settings > Apps. Delete any apps you don't know or aren't sure about. Google their names before deleting.
  3. Revoke administrator permissions: Settings > Security > Device administrators. Remove permissions from apps you don't recognize or that are suspicious.
  4. Scan with Play Protect and professional antivirus: Google Play > Play Protect > Scan. Install a recognized antivirus and perform a full scan.
  5. Boot your phone into safe mode: Press and hold the power button, then select "Safe Mode." This will only start system apps and allow you to remove persistent malware.
  6. Update system and all apps: Install the latest updates to close vulnerabilities exploited by attackers.
  7. Use code ##002# to eliminate possible diversions: Check the code and make sure there are no active redirects.
  8. Restore your phone to factory settings only if the above does not resolve the issue.: Make a secure backup first (photos, contacts, accounts). Settings > System > Reset > Erase everything, or by These secret codes.
  9. Change all your passwords from another trusted device: Includes Google, banking, email, social media, and messaging apps.
  10. Contact your operator and/or technical serviceIf you are unable to eliminate the diversions or detect remote access attempts, ask for help blocking the SIM and monitoring attacks.

Extra recommendation: If the symptoms persist after restoring your phone and strengthening security, change your number and consider renewing your device. This is the most drastic way to break the connection with the attacker.

Most common hacking methods and types of mobile malware

mobile malware hacking techniques

To understand the real danger, it is essential to know the types of malware and threats that lurk on Android phones:

  • Adware: It floods you with ads, pop-ups, and intrusive notifications. It can also modify search engines and redirect traffic. To avoid this, check Tricks to avoid being a victim of scams and protect your data.
  • Spyware and keyloggers: They record keystrokes, calls, web history, location, and login data, sending the information to the attacker.
  • Stalkerware: Programs installed by close third parties to spy on, record, or track location and behavior.
  • Ransomware: Blocks access to the device or hijacks files, demanding a ransom.
  • Banking Malware: Steals banking app credentials, passwords, and card details to carry out fraud and unauthorized transfers.
  • Rootkits: They hide malicious activity and allow advanced system control by the attacker.
  • Trojans and bots: They transform your phone into part of a network to carry out coordinated attacks, send spam, or spread malware to your contacts.

The most common entry routes remain downloading apps outside the Play Store, opening suspicious links or files, and connecting to unsecured Wi-Fi networks.

How to know if your mobile camera has been hacked
Related article:
How to know if your phone camera has been hacked: Advanced protection guide, signs, and solutions

Practical tips and effective measures to prevent your phone from being hacked

advanced mobile anti-hacking protection

  • Download apps only from the official Google Play storeAvoid APKs from dubious sources and always check permissions before installing any app.
  • Review and limit app permissions: Settings > Privacy > Permission Manager. Deny access to the camera, microphone, and location unless absolutely necessary.
  • Update the operating system and all apps frequently: Updates close vulnerabilities exploited by cybercriminals.
  • Avoid connections to unprotected public Wi-Fi networks: If absolutely necessary, always use a reliable VPN to encrypt your traffic.
  • Enable two-factor authentication (2FA) For critical services: Google, banking, email, and social networks must be doubly protected against intrusions.
  • Do not open links or attachments from unknown senders.: Phishing remains the most commonly used attack method.
  • Protect your phone with a secure password, fingerprint, or facial recognition.: Change your PIN periodically and avoid simple combinations.
  • Make regular backups: This way you can quickly restore your data in case of hacking or theft.
  • Don't lend your cell phone to strangers Don't leave it unattended in public places: Physical access can be enough to install spyware in seconds.
  • Avoid rooting your phone Unless you know exactly how to secure your device: Rooting removes native Android security layers.
  • Turn off Bluetooth and NFC when you are not using them.
  • Activate Google Play Protect: Settings > Security > Play Protect. Scans all new or suspicious apps in real time.
  • Set up remote wipe using Google's "Find My Device" to erase data in case of theft.
  • Do not use public USB charging networksAvoid juice-jacking, a technique that injects malware while you charge your phone in uncontrolled public places.
Careful! These are the methods by which your mobile can be hacked
Related article:
How to Protect Your Phone from Hacking: Updated Guide and Expert Advice

How to protect your phone's camera and microphone from spying

Camera and microphone privacy is one of the most vulnerable areas, especially with the emergence of apps and smart assistants like Google Assistant, Alexa, and Siri, which can be inadvertently activated. Take these key steps:

  • Review and manage camera and microphone access permissions: Settings > Privacy > Permission Manager. Deny permission to unnecessary or suspicious apps.
  • Use apps that show usage indicatorsStarting with Android 12, your phone displays a green or orange dot when the camera or microphone is activated. You can install apps like Access Dots for older versions.
  • Physically cover the camera when not in use.Use slip-on covers or stickers, especially if your phone is near your bed, bathroom, or private areas.
  • Disable voice assistants if you don't use them: Follow the appropriate route (Google Assistant, Siri, Alexa) to disconnect active listening.
  • Check the microphone and camera usage history: From Settings > Privacy > Privacy Dashboard, review which apps have recently accessed these sensors.

Advanced Precautions and Secure Backups

  • Avoid rooting or jailbreaking your phone: Increases the risk of infection and removes layers of protection.
  • Make double backups: in the cloud and on encrypted external drives: Never rely solely on local backup or Google Drive.
  • Do not grant administrator permissions to strange apps: Periodically review which ones have that role.
  • Set up remote wipe and recovery with the “Find My Device” services.
Report error Facebook
Related article:
How to Report a Problem on Facebook: A Complete, Up-to-Date Guide for Reporting Bugs, Abuse, and Troubleshooting

Call your carrier if the codes don't work.

If the universal codes to deactivate call forwarding don't work or you have questions about possible technical interventions, contact your mobile phone provider in Spain. Customer service numbers for the main providers:

  • Movistar: 1004
  • O2: 1551
  • Vodafone: 22123
  • Lowi: 121
  • orange: 1470
  • Jazztel: 1565
  • Amena: 1478
  • MásMĂłvil: 2373
  • Yogo: 622
  • Pepephone: 1212
  • Digit: 1200
  • Simyo: 121
  • Esukatel: 1717
  • Finetwork: 1777
  • Mobile Republic: 1644
  • Suop: 1212
  • Llamaya: 2376
Upset young woman holding her cell phone
Related article:
Mobile network unavailable: causes, diagnosis, and definitive solution guide

Frequently Asked Questions About Hacking and Protecting Android Phones

  • Can I know for sure if my phone has been hacked? There is no foolproof method, but if you detect several clear symptoms and the codes reveal deviations, the probability is very high.
  • Is a free antivirus enough? It offers basic protection, but paid ones generally detect more advanced Trojans and spyware and offer real-time protection.
  • Should I change my device or number if I can't clean my phone? If the problem persists after restoring it, the most effective way to do this is to change your phone number or mobile phone to break the attackers' access.
  • Can the codes be blocked on my phone? On some models, manufacturers may restrict certain codes, but most work on standard Android.

Turn your mobile into a real digital fortress It is possible if you combine prevention, rapid action when suspicious, and systematic use of secret codesNever underestimate the importance of constant vigilance and personal cybersecurity training, as it's the best investment in protecting your digital life. If you follow the steps and tips outlined in this guide, the risk of hacking is drastically reduced, and you can regain peace of mind even when faced with sophisticated cybercriminals.