Available now! Telegram Research 2025 β the year's key insights 
Android Security & Malware
Open in Telegram
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Show moreπ Analytical overview of Telegram channel Android Security & Malware
Channel Android Security & Malware (@androidmalware) in the English language segment is an active participant. Currently, the community unites 44 057 subscribers, ranking 3 049 in the Technologies & Applications category and 711 in the USA region.
π Audience metrics and dynamics
Since its creation on Π½Π΅Π²ΡΠ΄ΠΎΠΌΠΎ, the project has demonstrated rapid growth, gathering an audience of 44 057 subscribers.
According to the latest data from 25 June, 2026, the channel demonstrates stable activity. Although there has been a change in the number of participants by 331 over the last 30 days and by 55 over the last 24 hours, overall reach remains high.
- Verification status: Not verified
- Engagement rate (ER): The average audience engagement rate is 12.90%. Within the first 24 hours after publication, content typically collects 3.63% reactions from the total number of subscribers.
- Post reach: On average, each post receives 5 681 views. Within the first day, a publication typically gains 1 601 views.
- Reactions and interaction: The audience actively supports content: the average number of reactions per post is 12.
- Thematic interests: Content is focused on key topics such as cve-2025, exploit, rat, trojan, bypass.
π Description and content policy
The author describes the resource as a platform for expressing subjective opinions:
βMobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.comβ
Thanks to the high frequency of updates (latest data received on 26 June, 2026), the channel maintains relevance and a high level of publication reach. Analytics show that the audience actively interacts with content, making it an important point of influence in the Technologies & Applications category.
44 057
Subscribers
+5524 hours
+1347 days
+33130 days
Posts Archive
Android fraud campaign (UltimaSMS) with 151 apps reached 10.5 million installs was used to subscribe users to premium SMS subscription services without their knowledge. 80 of them were on Google Play Store.
https://blog.avast.com/premium-sms-scam-apps-on-play-store-avast
Location Data Firm Got GPS Data From Apps Even When People Opted Out (Huq SDK)
https://www.vice.com/en/article/5dgmqz/huq-location-data-opt-out-no-consent
New York Times Journalist Ben Hubbard Hacked with iOS Pegasus after Reporting on Previous Hacking Attempts
https://citizenlab.ca/2021/10/breaking-news-new-york-times-journalist-ben-hubbard-pegasus/
The ultimate guide to Android SSL pinning bypass
https://redhuntlabs.com/wp-content/uploads/2021/10/Ultimate-Guide-to-SSL-Pinning-Bypass-RedHunt-Labs-Attack-Surface-Management.pdf
reFlutter - Flutter apps traffic monitoring
Make app trust installed certificates by repacking it with reFlutter and use Burp Suite. No root, no VPN.
https://github.com/ptswarm/reFlutter
Minecraft was the most commonly used game title for masking cyber threats on mobile platforms between July 1, 2020, and June 30, 2021.
Upwards of 44 thousand gamers were affected, with close to 303 thousand unique detections
https://atlasvpn.com/blog/minecraft-most-malware-infected-game-on-the-market-with-228k-users-affected
Oversecured released an iOS app vulnerability scanner
iOS vulnerability list: https://oversecured.com/vulnerabilities#iOS
Vulnerable app: https://github.com/oversecured/ovia
Report: https://content.oversecured.com/oversecured_sample_report_ios.pdf
Android Exploits 101 workshop
Overview of the modern Android exploits with examples + goes over the common flows of Android exploits
[video] https://youtu.be/squuwVQiPgg
The Challenges of Fuzzing 5G Protocols (NGAP, GTPU, PFCP, & DIAMETER)
Network fuzzers used:
- Fuzzowski
- Frizzer
- AFLNet
https://research.nccgroup.com/2021/10/11/the-challenges-of-fuzzing-5g-protocols/
Google's Threat Analysis Group (TAG) found an attempt to upload Android spyware to Google Play Store disguised as a VPN app. It was part of APT35 group.
https://blog.google/threat-analysis-group/countering-threats-iran/
CryptoRomance fake iOS cryptocurrency apps hit US, European victims for at least $1.4 million
https://news.sophos.com/en-us/2021/10/13/cryptorom-fake-ios-cryptocurrency-apps/
Malware bypassing OTP-based authentication to target Indian Banking customers
https://blog.cyble.com/2021/10/13/malware-bypassing-otp-based-authentication-to-target-indian-banking-customers/
A threat analysis of sideloading by Apple
There are 31 pages explaining why Apple will not allow sideloading apps on iOS
https://www.apple.com/privacy/docs/Building_a_Trusted_Ecosystem_for_Millions_of_Apps_A_Threat_Analysis_of_Sideloading.pdf
CVE-2021-30858: Use-after-free in WebKit affecting pre-Safari 14.1.2, pre-iOS 14.8
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-30858.html
Demonstration how Android malware steals recovery phrase from Trust Crypto Wallet without user interaction and restricts access to victims smartphone
https://youtu.be/cI9GbhspMYY
Malicious apps found on Google Play Store could steal Facebook credentials by injecting JavaScript in WebView while facebook[.]com has been displayed
https://www.bleepingcomputer.com/news/security/photo-editor-android-app-still-sitting-on-google-play-store-is-malware/
PoC for today's patched iPhone 0-day vulnerability in IOMobileFrameBuffer/AppleCLCD that has been exploited in the wild (CVE-2021-30883)
https://saaramar.github.io/IOMFB_integer_overflow_poc/
Togo: Prominent activist targeted with Indian-made Android spyware linked to Donot Team hacker group (APT-C-35)
Article: https://www.amnesty.org/en/latest/news/2021/10/togo-activist-targeted-with-spyware-by-notorious-hacker-group/
Full report: https://www.amnesty.org/en/documents/afr57/4756/2021/en/
Are iPhones Really Better for Privacy? Comparative Study of iOS and Android Apps
https://arxiv.org/abs/2109.13722
Waydro - Android on Linux (boot a full Android system on a regular GNU/Linux system like Ubuntu)
https://waydro.id/
