The Dangers of Hidden Apps for Forensic Investigations

Nick Olivier • 1 August 2016

"Just because you don't see it, doesn't mean it's not there.."

Hidden apps are growing in popularity. While initially marketed as a way for teens to hide videos, photos, forbidden apps, and text messages from the watchful eyes of parents, the use of hidden apps is quickly expanding. Hidden apps are increasingly used for criminal activity. At the local level, they can be used as a tool to facilitate drug transactions, sexual assaults, child-porn, as well as data exfiltration and theft. On a much larger and more dangerous international scale, these apps can be used for recruitment purposes by ISIS and other terrorist groups. Because hidden apps are becoming more common sources of evidentiary data in criminal cases, it is essential that forensic investigators take the time to learn about them. Otherwise, key evidence could be missed. When it comes to hidden apps, awareness is critical. Forensic examiners must know these apps exist and how to find them. While there are many hidden apps on the market today, new ones are introduced virtually every day. A quick Internet search is an excellent way to stay current on what’s available and trending in the world of hidden apps. Along with knowledge of what’s out there, examiners must know how apps and data are being hidden to ensure they are not overlooked. Types of Hidden Apps There are three main ways to hide apps. Some users manipulate their phones to hide things in places where they don’t belong. Others use apps that are designed to hide other apps inside. Then there are “official” hidden apps (also known as decoy apps), which appear to do one thing while they are actually designed to do something else. One of the most popular hidden apps is the calculator app. These apps are fully functioning calculators with a twist. Once a password is entered, a new interface appears that allows users to access and store pictures, videos, documents or files that are otherwise hidden to someone reviewing data on the phone. A less technical, but commonly seen way to hide apps is for the user to create folders or nests of folders on their phone that appear to be harmless, and then to store data they wish to hide within that folder. They may even install an application that allows them to change an app’s icon so that it appears to be a different app on the phone. Hidden apps reinforce a valuable lesson in the world of forensics, just because you don’t see something initially, doesn’t mean nothing is there. While it is not realistic to expect examiners to stay current on each and every app, knowing they exist and might be installed is essential. During an investigation it is wise to consider a hidden app might be in use, which means a deeper dive is necessary.

SOURCE:
ForensicMag

by Nick Olivier (Ed.) 17 June 2026
Editorial: (Anti Money Laundering) "Anti-Money Laundering and Customer Due Diligence: Empirical Evidence from South Africa." & "Grey-listing: South Africa’s Progress Plan Against its Action Plan." & "The Legal Implications of South Africa’s Grey-Listing for Money Laundering: Analysis and Recommendations ."
by Nick Olivier (Ed.) 13 June 2026
Editorial: (Corporate Governance) "Introduction to Corporate Governance." & "The Concept of Corporate Governance."
by Nick Olivier (Ed.) 5 June 2026
Editorial: (Compliance) "A framework to assess compliance training effectiveness: The case of banks in South Africa."
by Nick Olivier (Ed.) 1 June 2026
Editorial: (Fraud Examination) "Gift or bribe? The characteristics and the role of gift policies in the prevention of corruption."
by Nick Olivier (Ed.) 19 May 2026
Editorial: (Fraud Examination) "Fraud Is Not Just a Control Failure: Integrity Under Pressure."
by Nick Olivier (Ed.) 17 May 2026
Editorial: (Fraud Examination) "Fathoming Fraud: Unveiling Theories, Investigating Pathways and Combating Fraud."
by Nick Olivier (Ed.) 16 May 2026
Editorial: (Fraud Examination) "Forensic Accounting vs Fraud Examination: Roles, Importance and Differences."
by Nick Olivier (Ed.) 9 May 2026
Editorial: (Compliance) "A Comparison of Key Risk Management Frameworks: COSO-ERM, NIST RMF, ISO 31.000, COBIT."
by Nick Oliver (Ed.) 3 May 2026
Editorial: (Digital Forensics) "Digital Forensics Has a Body of Knowledge Problem. This Taxonomy Is My Attempt to Fix It."
by Nick Olivier (Ed.) 2 May 2026
Editorial: (Forensic Science) Comparing "Thompson et al. 2025" with "Morrison et al. 2025": The Question About the Best Way to Present Likelihood Ratios.