In this section, we will go through some basic steps to check for malicious activity on an Android device. All steps in this basic section can be completed with built-in system features and existing online tools.
Warning: because of their security model and their caracteristics, it is challenging to do live forensic on an Android system. We are bringing here some hints on what to check on a potentially compromised device, but this process is less reliable than the Windows or MacOS processes.