现已上线!2025 年 Telegram 研究 — 年度关键洞察 
Android Security & Malware
前往频道在 Telegram
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
显示更多📈 Telegram 频道 Android Security & Malware 的分析概览
频道 Android Security & Malware (@androidmalware) 英语 语言赛道中的 是活跃参与者。目前社区聚集了 43 915 名订阅者,在 技术与应用 类别中位列第 3 078,并在 美国 地区排名第 727 位。
📊 受众指标与增长动态
自 невідомо 创建以来,项目保持高速增长,吸引了 43 915 名订阅者。
根据 17 六月, 2026 的最新数据,频道保持稳定运转。过去 30 天订阅人数变化为 194,过去 24 小时变化为 4,整体触达仍然可观。
- 认证状态: 未认证
- 互动率 (ER): 平均受众互动率为 13.17%。内容发布后 24 小时内通常能获得 5.02% 的反应,占订阅者总量。
- 帖子覆盖: 每篇帖子平均可获得 5 782 次浏览,首日通常累积 2 204 次浏览。
- 互动与反馈: 受众积极参与,单帖平均反应数为 12。
- 主题关注点: 内容集中在 cve-2025, exploit, rat, trojan, bypass 等核心主题上。
📝 描述与内容策略
作者将该频道定位为表达主观观点的平台:
“Mobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.com”
凭借高频更新(最新数据采集于 18 六月, 2026),频道始终保持新鲜度与高覆盖。分析显示受众积极互动,使其成为 技术与应用 类别中的关键影响点。
43 915
订阅者
+424 小时
+897 天
+19430 天
帖子存档
Vulnerabilities across cloud keyboard apps reveal keystrokes to network eavesdroppers (Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi that could be exploited to reveal what a user types)
https://citizenlab.ca/2024/04/vulnerabilities-across-keyboard-apps-reveal-keystrokes-to-network-eavesdroppers/
Security analysis of system apps of prepaid Android carrier devices
[slides] https://media.defcon.org/DEF%20CON%2031/DEF%20CON%2031%20presentations/Ryan%20Johnson%20Mohamed%20Elsabagh%20Angelos%20Stavrou%20-%20Still%20Vulnerable%20Out%20of%20the%20Box%20Revisiting%20the%20Security%20of%20Prepaid%20Android%20Carrier%20Devices.pdf
[BlackHat Asia 2024] SystemUI As EvilPiP: The Hijacking Attacks on Modern Mobile Devices
https://www.blackhat.com/asia-24/briefings/schedule/?s=03#systemui-as-evilpip-the-hijacking-attacks-on-modern-mobile-devices-36260
[slides] https://i.blackhat.com/Asia-24/Presentations/Asia-24-WeiMinCheng-systemui-as-evilpip-the-hijacking-attacks-on-modern-mobile-devices.pdf
[BlackHat Asia 2024] Privacy Detective: Sniffing Out Your Data Leaks for Android
https://www.blackhat.com/asia-24/briefings/schedule/?s=03#privacy-detective-sniffing-out-your-data-leaks-for-android-37301
[slides] https://i.blackhat.com/Asia-24/Presentations/Asia-24-Zhou-PrivacyDetective.pdf
[BlackHat Asia 2024] Analysing a NSO iOS Spyware Sample
https://www.blackhat.com/asia-24/briefings/schedule/?s=03#you-shall-not-pass---analysing-a-nso-ios-spyware-sample-37980
[slides] https://i.blackhat.com/Asia-24/Asia-24-Frielingsdorf-YouShallNotPassAnalysing.pdf
XAgent Spyware Targeting iOS Devices in Western Europe: Analysis of Capabilities
https://www.linkedin.com/pulse/xagent-spyware-targeting-ios-devices-western-europe-dmitry-bestuzhev-xunle
Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers
https://www.shielder.com/blog/2024/04/element-android-cve-2024-26131-cve-2024-26132-never-take-intents-from-strangers/
Breaking Custom Encryption Using Frida
https://labs.cognisys.group/posts/Breaking-Custom-Ecryption-Using-Frida-Mobile-Application-pentesting/
SoumniBot: the new Android banker’s unique techniques
https://securelist.com/soumnibot-android-banker-obfuscates-app-manifest/112334/
iOS LightSpy Returns: Renewed Espionage Campaign Targets Southern Asia, Possibly India
https://blogs.blackberry.com/en/2024/04/lightspy-returns-renewed-espionage-campaign-targets-southern-asia-possibly-india
ANDROID SUPPLY CHAIN VALIDATION CHEAT SHEET
This cheat sheet is based on the work performed on Android TV devices (we documented our steps in the post Android TV Devices: Pre-0wned Supply Chain Security Threats)
https://eclypsium.com/blog/android-supply-chain-validation-cheat-sheet/
Active Android espionage campaign targeting users mainly in India and Pakistan with apps bundled with the XploitSPY malware posing mostly as messaging services - even available on Google Play Store
https://www.welivesecurity.com/en/eset-research/exotic-visit-campaign-tracing-footprints-virtual-invaders/
Threat actor "Starry Addax" targets human rights defenders in North Africa with new Android malware
https://blog.talosintelligence.com/starry-addax/
Bypassing anti-reversing defences in iOS applications
https://twelvesec.com/2023/10/10/bypassing-anti-reversing-defences-in-ios-applications/
Hornet dating app with over 10 million installs had vulnerabilities, allowing precise location determination of their users, even with distance display being disabled
https://research.checkpoint.com/2024/the-illusion-of-privacy-geolocation-risks-in-modern-dating-apps/
How charging your phone can compromise your data using three types of Juice Jacking attack
https://www.mobile-hacker.com/2024/04/04/how-charging-your-phone-can-compromise-your-data-using-juice-jacking-attack/
Google fixed 2 Pixel vulnerabilities which are being actively exploited in the wild by forensic companies
CVE-2024-29745 refers to a vulnerability in the fastboot firmware used to support unlocking/flashing/locking. Forensic companies are rebooting devices in After First Unlock state into fastboot mode on Pixels and other devices to exploit vulnerabilities there and then dump memory.
CVE-2024-29748 refers to a vulnerability providing the ability to interrupt a factory reset triggered by a device admin app. It appears they've implemented a partial solution in firmware.
https://discuss.grapheneos.org/d/11860-vulnerabilities-exploited-in-the-wild-fixed-based-on-grapheneos-reports
Technical analysis of Android malware Vultur
https://research.nccgroup.com/2024/03/28/android-malware-vultur-expands-its-wingspan/
After almost 7 years, new version of drozer compatible with Python 3 and modern Java was released.
If you don't know, drozer was a very popular security testing framework for Android
https://github.com/WithSecureLabs/drozer
Demonstration of using BlueDucky to exploit 0-click Bluetooth vulnerability of unpatched Android smartphone (CVE-2023-45866)
Exploit was triggered by Raspberry Pi 4 and then by Android running NetHunter
https://youtu.be/GOGW7U1f2RA
