¡Ya disponible! Investigación de Telegram 2025 — los principales insights del año 
Android Security & Malware
Ir al canal en Telegram
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Mostrar más📈 Análisis del canal de Telegram Android Security & Malware
El canal Android Security & Malware (@androidmalware) en el segmento lingüístico de Inglés es un actor destacado. Actualmente la comunidad reúne a 43 921 suscriptores, ocupando la posición 3 072 en la categoría Tecnologías y Aplicaciones y el puesto 720 en la región EEUU.
📊 Métricas de audiencia y dinámica
Desde su creación el невідомо, el proyecto ha mostrado un crecimiento acelerado, reuniendo a 43 921 suscriptores.
Según los últimos datos del 20 junio, 2026, el canal mantiene una actividad estable. En los últimos 30 días la variación de miembros fue de 233, y en las últimas 24 horas de 13, conservando un alto alcance.
- Estado de verificación: No verificado
- Tasa de interacción (ER): El promedio de interacción de la audiencia es 13.42%. Durante las primeras 24 horas tras publicar, el contenido suele obtener 3.72% de reacciones respecto al total de suscriptores.
- Alcance de las publicaciones: Cada publicación recibe en promedio 5 896 visualizaciones. En el primer día suele acumular 1 636 visualizaciones.
- Reacciones e interacción: La audiencia responde de forma activa: el promedio de reacciones por publicación es 13.
- Intereses temáticos: El contenido se centra en temas clave como cve-2025, exploit, rat, trojan, bypass.
📝 Descripción y política de contenido
El autor describe el recurso como un espacio para expresar opiniones subjetivas:
“Mobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.com”
Gracias a la alta frecuencia de actualizaciones (últimos datos recibidos el 21 junio, 2026), el canal mantiene la vigencia y un amplio alcance. La analítica demuestra que la audiencia interactúa activamente con el contenido, lo que lo convierte en un punto de referencia dentro de la categoría Tecnologías y Aplicaciones.
43 921
Suscriptores
+1324 horas
+617 días
+23330 días
Archivo de publicaciones
A short history of telephone hacking: from phreaking to mobile malware
https://bit-sentinel.com/a-short-history-of-telephone-hacking-from-phreaking-to-mobile-malware
Remote Code Execution in Evernote for Android by misusing path traversal vulnerability
https://hackerone.com/reports/1377748
A deep dive inside anti-reverse & universal bypass with Frida
https://raw.githubusercontent.com/FrenchYeti/unrasp/main/Slides/Forging_golden_hammer_against_android_app_protections_INSO22_FINAL.pdf
Remotely steal bearer token via maliciously crafted deep link from Basecamp Android app
https://hackerone.com/reports/1372667
RTLO Injection URI Spoofing in mobile apps (CVE-2020-20093; CVE-2020-20094; CVE-2020-20095; CVE-2020-20096)
Affects all recent distributions of iOS iMessage, WhatsApp, Instagram, and Facebook Messenger as of 2019.8.15.
The user interface does not properly represent critical information to the user, allowing the information to be spoofed. This is often a component in online scams, phishing and disinformation propagation.
https://github.com/zadewg/RIUS
Dirty Pipe temporary root exploit for Android (Pixel 6)
https://github.com/polygraphene/DirtyPipe-Android
Trojanized Android & iOS cryptocurrency wallet apps
Malicious code was inserted in specific place of legit apps manually, which required attacker to perform in-depth analysis of wallet first
https://www.welivesecurity.com/2022/03/24/crypto-malware-patched-wallets-targeting-android-ios-devices/
When Equal is Not, Another WebView Takeover Story
https://valsamaras.medium.com/when-equal-is-not-another-webview-takeover-story-730be8d6e202
Facestealer Trojan found in Google Play app with 100,000+ installs injects JavaScript to facebook\.com to steal Facebook Accounts credentials
https://threatpost.com/facestealer-trojan-google-play-facebook/179015/
Repost from The Bug Bounty Hunter
Unraveling Assets from Android Apps at Scale
https://bevigil.com/blog/unraveling-assets-from-android-apps-at-scale/
Crypto Scam - CryptoRom - targets vulnerable iPhone (iOS TestFlight and WebClips) and Android users (APK)
How it works:
The campaign works by approaching potential targets through dating apps like Bumble, Tinder, Facebook Dating, and Grindr, before moving the conversation to messaging apps such as WhatsApp and urging the victims to install a cryptocurrency trading application that's designed to mimic popular brands and lock people out of their accounts and freeze their funds.
https://news.sophos.com/en-us/2022/03/16/cryptorom-bitcoin-swindlers-continue-to-target-vulnerable-iphone-and-android-users/
Frida iOS video tutorials
Introduction to Frida and iOS, low-level iOS interfaces (GCD, XPC, IOKit, Mach), and Objective-C instrumentation
Part I: https://youtu.be/h070-YZKOKE
Part II: https://youtu.be/qpEIRe2CP-w
Part III: https://youtu.be/x48y2ehfWGE
Theft of protected files by 3rd party Android app from ownCloud application
https://hackerone.com/reports/1454002
I created a Discord community for a better categorization and visibility of mobile InfoSec posts with option for you to participate and share or ask questions.
Join & share: https://discord.gg/ByrVsEvVTg
Global Mobile Threat Report for 2021:
-30% of the known, zero-day vulnerabilities discovered in 2021 targeted mobile devices
-466% increase in exploited, zero-day vulnerabilities used in active attacks against mobile endpoints
-75% of the phishing sites analyzed specifically targeted mobile devices
-2,034,217 new mobile malware samples were detected
https://blog.zimperium.com/global-mobile-threat-report-key-insights/
iOS Hacking - A Beginner's Guide to Hacking iOS Apps [2022 Edition]
https://martabyte.github.io/ios/hacking/2022/03/13/ios-hacking-en.html
Exploring the archived APKs powering Android’s new app archiving feature https://blog.esper.io/android-dessert-bites-16-app-archiving-857169/
A attacker can open a malicious url or 3rd party app in NextCloud Talk app https://hackerone.com/reports/1337178
Reverse engineering of a trojanized medical app — Android/Joker
- 4 different stages of DEX & JARs https://cryptax.medium.com/live-reverse-engineering-of-a-trojanized-medical-app-android-joker-632d114073c1
Dirty Pipe vulnerability affects Linux Kernel since 5.8 including Android (CVE-2022-0847)
This issue leads to LPE because unprivileged processes can inject code into root processes
Details and PoC exploit: https://dirtypipe.cm4all.com/
Demo of exploitation: https://www.instagram.com/p/Ca2JIOjgwF6/
