Available now! Telegram Research 2025 — the year's key insights 
Android Security & Malware
Open in Telegram
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Show more📈 Analytical overview of Telegram channel Android Security & Malware
Channel Android Security & Malware (@androidmalware) in the English language segment is an active participant. Currently, the community unites 44 091 subscribers, ranking 3 046 in the Technologies & Applications category and 701 in the USA region.
📊 Audience metrics and dynamics
Since its creation on невідомо, the project has demonstrated rapid growth, gathering an audience of 44 091 subscribers.
According to the latest data from 26 June, 2026, the channel demonstrates stable activity. Although there has been a change in the number of participants by 373 over the last 30 days and by 28 over the last 24 hours, overall reach remains high.
- Verification status: Not verified
- Engagement rate (ER): The average audience engagement rate is 13.37%. Within the first 24 hours after publication, content typically collects 3.68% reactions from the total number of subscribers.
- Post reach: On average, each post receives 5 893 views. Within the first day, a publication typically gains 1 622 views.
- Reactions and interaction: The audience actively supports content: the average number of reactions per post is 12.
- Thematic interests: Content is focused on key topics such as cve-2025, exploit, rat, trojan, bypass.
📝 Description and content policy
The author describes the resource as a platform for expressing subjective opinions:
“Mobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.com”
Thanks to the high frequency of updates (latest data received on 27 June, 2026), the channel maintains relevance and a high level of publication reach. Analytics show that the audience actively interacts with content, making it an important point of influence in the Technologies & Applications category.
44 091
Subscribers
+2824 hours
+1637 days
+37330 days
Posts Archive
Security of messaging apps
https://drive.google.com/file/d/1TkBq8Y8pBmNM-uBV3p5TyMF_ZAWVTyVY/view
HiddenApp adware found again on Google Play with 100k+ installs
https://twitter.com/s_metanka/status/1146113662169563137?s=19
“Watering Hole” is a cyber attack strategy in which the victim is a particular group (organization, industry, or region).
In this attack, the attacker typically observes which websites or apps the group uses and infects one or more of them with malware.
https://blog.zimperium.com/the-mobile-watering-hole-how-a-sip-leads-to-a-trojan-compromise/
Vulnerabilities in smart home hub allows hacker to open front door locks. #IoT
https://blackmarble.sh/zipato-smart-hub/
China Is Forcing Tourists to Install Text-Stealing Malware at its Border
The malware downloads a tourist’s text messages, calendar entries, and phone logs, as well as scans the device for over 70,000 different files.
https://www.vice.com/amp/en_us/article/7xgame/at-chinese-border-tourists-forced-to-install-a-text-stealing-piece-of-malware
APK: https://github.com/motherboardgithub/bxaq
Did you know that app developer on Google Play can based on user localization change app icon?
https://twitter.com/LukasStefanko/status/1145952428887543810
New version of WannaLocker, the WannaCry copycat for mobile, which bundles spyware, remote-access-Trojan (RAT) malware, and banking Trojan malware in one nasty package.
https://blog.avast.com/wannalocker-targets-banks-in-brazil
FridaLoader - One click tool to download and launch the latest version of the Frida x86 Server on a Genymotion emulator. #tool
https://github.com/dineshshetty/FridaLoader
Android Security Bulletin—July 2019
The most severe of these issues is a critical security vulnerability in Media framework that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
Stay updated, stay secure.
https://source.android.com/security/bulletin/2019-07-01.html#2019-07-01-details
HiddenApp Adware with 50k+ installs found on Google Play
https://twitter.com/s_metanka/status/1145744992582995968?s=19
Top Android malware threats of June, 2019
Full list - http://skptr.me/malware_timeline_2019.html
Download samples - https://github.com/sk3ptre/AndroidMalware_2019/blob/master/README.md
Malicious campaign that for years was using Facebook pages to spread malware across mobile and desktop environments targeting Libya 🇱🇾.
Threat actor used known open source Android RAT tools such as SpyNote.
https://research.checkpoint.com/operation-tripoli/
Adware campaign discovered on Google Play
111 apps were found on Play Store with 9M+ installs.
https://blog.trendmicro.com/trendlabs-security-intelligence/adware-campaign-identified-from-182-game-and-camera-apps-on-google-play-and-third-party-stores-like-9apps/
I went to Cirque du Soleil show - TORUK, where they offer app to be part of the show App would sync all the devices in audience with effects.
The first thing that came to my mind was if I can hack them...next day I found bug where I could control the show.
TORUK app left open port 6161 and accepted any request to perform commands at the show:
-change volume settings
-discover nearby Bluetooth devices
-display animations
-read or write to shared preferences
-set the position of the “Like” Facebook
https://androidappwatch.eset.com/latest-posts/a-great-show-is-now-history-as-is-its-insecure-mobile-app/
You have to pay $1.99 for deleting your profile in dating app.
New scam technique?
"Because of the huge workload, we will charge $1.99 as service fee."
https://www.reddit.com/r/assholedesign/comments/c7nqw5/i_got_a_dating_app_but_wanted_to_delete_my/
Android analysis of Nicro malware
https://github.com/maddiestone/ConPresentations/blob/master/REcon2019.PathToThePayload.pdf
Go Cheats – Mod & Hack with 100,000+ installs.
App had fake user interface, ads and root tools.
This fake app is now removed from Google Play!
https://twitter.com/s_metanka/status/1145116266962804737?s=03
Android horror game with over 50,000 installs was phishing for Google and Facebook credentials
https://www.wandera.com/mobile-security/scary-granny-game-stealing-data/
Cerberus Android BOT
New Android botnet available for sale on underground forum.
