Available now! Telegram Research 2025 β the year's key insights 
Android Security & Malware
Open in Telegram
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Show moreπ Analytical overview of Telegram channel Android Security & Malware
Channel Android Security & Malware (@androidmalware) in the English language segment is an active participant. Currently, the community unites 43 928 subscribers, ranking 3 074 in the Technologies & Applications category and 720 in the USA region.
π Audience metrics and dynamics
Since its creation on Π½Π΅Π²ΡΠ΄ΠΎΠΌΠΎ, the project has demonstrated rapid growth, gathering an audience of 43 928 subscribers.
According to the latest data from 19 June, 2026, the channel demonstrates stable activity. Although there has been a change in the number of participants by 196 over the last 30 days and by -1 over the last 24 hours, overall reach remains high.
- Verification status: Not verified
- Engagement rate (ER): The average audience engagement rate is 13.29%. Within the first 24 hours after publication, content typically collects 3.73% reactions from the total number of subscribers.
- Post reach: On average, each post receives 5 836 views. Within the first day, a publication typically gains 1 636 views.
- Reactions and interaction: The audience actively supports content: the average number of reactions per post is 13.
- Thematic interests: Content is focused on key topics such as cve-2025, exploit, rat, trojan, bypass.
π Description and content policy
The author describes the resource as a platform for expressing subjective opinions:
βMobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.comβ
Thanks to the high frequency of updates (latest data received on 21 June, 2026), the channel maintains relevance and a high level of publication reach. Analytics show that the audience actively interacts with content, making it an important point of influence in the Technologies & Applications category.
43 928
Subscribers
-124 hours
+697 days
+19630 days
Posts Archive
MacStealer: Wi-Fi Client Isolation Bypass
MacStealer can test Wi-Fi networks for client isolation bypasses (CVE-2022-47522) to intercept (steal) traffic toward other clients at the MAC layer
https://github.com/vanhoefm/macstealer
Android GoatRAT Banker Attacks Automated Payment Systems
https://labs.k7computing.com/index.php/goatrat-attacks-automated-payment-systems/
Spyware vendors use 0-days and n-days against Android and iOS
https://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/
ARM TrustZone: pivoting to the secure world
https://thalium.github.io/blog/posts/pivoting_to_the_secure_world/
Chinese Pinduoduo app exploited system vulnerabilities to escalate privileges to download and execute backdoors and gain unauthorized access to user data, notifications and files. The app was also removed from Google Play Store.
https://krebsonsecurity.com/2023/03/google-suspends-chinese-e-commerce-app-pinduoduo-over-malware/
For the first time Windows Ursnif banking trojan campaigns started to target Android users via DroidJack RAT received from email
https://cert--agid-gov-it.translate.goog/news/ursnif-approda-nel-mondo-delle-app-mobile-lapk-droidjack-viene-veicolato-come-comunicazione-agenzia-delle-entrate/?s=03&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en
XSS vulnerability discovered in Android and iOS WordPress app plugin WPMobile.App (CVE-2023-22702)
https://patchstack.com/database/vulnerability/wpappninja/wordpress-wpmobile-app-android-and-ios-mobile-application-plugin-11-13-cross-site-scripting-xss-vulnerability
iMessage and OpenGraph for Fun and Profit
Forge domain name in website preview shared in iMessage app
https://persist.tools/posts/imessage_og.html
Near-Ultrasound Inaudible Trojan (NUIT): Exploit smartphone speaker voice assistants with inaudible sound to perform commands
Paper: https://sites.google.com/view/nuitattack/home
Video demo: https://youtu.be/TUnPFR35AR4
Nexus: a new Android botnet based on SOVA banker
https://www.cleafy.com/cleafy-labs/nexus-a-new-android-botnet
JADXecute - plugin for JADX that adds Dynamic Code Execution abilities
With JADXecute, you can dynamically run Java code to modify or print components of the jadx-gui output
https://github.com/LaurieWired/JADXecute
Bluehat 2023: Android Malware Obfuscation
Overview of multiple Android Malware Obfuscation techniques, along with their implementations and disadvantages
https://youtu.be/Bf-49tgDXW0
Reverse engineering of Joker malware found on Google Play Store
https://medium.com/@themalwarebug/reverse-engineering-of-joker-malware-e97376db4810
Exploiting aCropalypse: Recovering Truncated PNGs (CVE-2023-21036)
Vulnerability in the Google Pixel's inbuilt screenshot editing tool, Markup, enabling partial recovery of the original, unedited image data of a cropped and/or redacted screenshot.
https://www.da.vidbuchanan.co.uk/blog/exploiting-acropalypse.html
Report: https://issuetracker.google.com/issues/180526528
Vulnerability online test: https://acropalypse.app/
Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems affecting multiple Android devices
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
Trojanized WhatsApp and Telegram apps replace cryptocurrency wallet addresses in messages
Some of them use OCR to recognize mnemonic phrase text from screenshots and photos stored on the devices to steal cryptocurrency funds
https://www.welivesecurity.com/2023/03/16/not-so-private-messaging-trojanized-whatsapp-telegram-cryptocurrency-wallets/
The state of stalkerware in 2022
https://securelist.com/the-state-of-stalkerware-in-2022/108985/
South Korean Android Banking Menace β FakeCalls #VoicePhishing #AndroidMalware
https://research.checkpoint.com/2023/south-korean-android-banking-menace-fakecalls/
GoatRAT: Android Banking Trojan Variant Targeting Brazilian Banks
https://blog.cyble.com/2023/03/14/goatrat-android-banking-trojan-variant-targeting-brazilian-banks/
Android Application Security Testing Series Part β One
https://medium.com/@mk2011sharma/android-application-security-testing-series-part-one-5c346948fb27
