Endi mavjud! Telegram Tadqiqoti 2025 — yilning asosiy insaytlari 
Android Security & Malware
Kanalga Telegram’da o‘tish
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Ko'proq ko'rsatish📈 Telegram kanali Android Security & Malware analitikasi
Android Security & Malware (@androidmalware) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 43 914 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 3 070-o'rinni va AQSH mintaqasida 723-o'rinni egallagan.
📊 Auditoriya ko‘rsatkichlari va dinamika
невідомо sanasidan buyon loyiha tez o‘sib, 43 914 obunachiga ega bo‘ldi.
18 Iyun, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni 192 ga, so‘nggi 24 soatda esa -1 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.
- Tasdiqlash holati: Tasdiqlanmagan
- Jalb etish (ER): Auditoriya o‘rtacha 13.11% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining 4.02% ini tashkil etuvchi reaksiyalarni to‘playdi.
- Post qamrovi: Har bir post o‘rtacha 5 757 marta ko‘riladi; birinchi sutkada odatda 1 764 ta ko‘rish yig‘iladi.
- Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 12 ta reaksiya keladi.
- Tematik yo‘nalishlar: Kontent cve-2025, exploit, rat, trojan, bypass kabi asosiy mavzularga jamlangan.
📝 Tavsif va kontent siyosati
Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“Mobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.com”
Yuqori yangilanish chastotasi (oxirgi ma’lumot 19 Iyun, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.
43 914
Obunachilar
-124 soatlar
+827 kunlar
+19230 kunlar
Postlar arxiv
Brute forcing Android app's PIN using Frida to bypass bank's 2FA and get authorization token
https://www.corellium.com/blog/frida-brute-forcing-pins-mobile-pentest
Massive Mobile Security Framework (MMSF)
A mobile open-source framework that combines functionalities from frida, objection, drozer, reflutter and more for iOS and Android app analysis
Info: https://securitycafe.ro/2023/09/18/mobile-pentesting-101-introducing-to-mmsf-massive-mobile-security-framework/
Download: https://github.com/St3v3nsS/MMSF
Android trojan masquerade as an Iranian online trading platform
https://news.drweb.com/show/?i=14748&lng=en
Android App Pin Security Issue Allows Unauthorized Payments via Google Wallet even with enabled "Require device unlock for NFC" option (CVE-2023-35671)
While in pinned mode, all other apps become temporarily inaccessible, except Google Wallet.
PoC: https://github.com/MrTiz/CVE-2023-35671
From ERMAC to Hook: Investigating the technical differences between two Android malware variants
https://research.nccgroup.com/2023/09/11/from-ermac-to-hook-investigating-the-technical-differences-between-two-android-malware-variants/
Useful tutorial on how to port Kali NetHunter (including custom Kernel) to unsupported "Essential Phone"
https://odysee.com/@z2rec:1/how-i-ported-kali-nethunter-to-unsupported-device:c
Evil Telegram doppelganger attacks Chinese users
https://securelist.com/trojanized-telegram-mod-attacking-chinese-users/110482/
New 0-click exploit chain discovered targeting iOS devices delivers Pegasus Spyware
Exploit chain was capable of compromising iPhones (iOS 16.6) without any user interaction.
The device is compromised just by receiving malicious image in iMessage (CVE-2023-41064, CVE-2023-41061).
➡️ Update your iOS devices
https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
How to spoof iOS devices with Bluetooth pairing messages using Android
https://www.mobile-hacker.com/2023/09/07/spoof-ios-devices-with-bluetooth-pairing-messages-using-android/
Android.Pandora trojans (ancestor of Linux Mirai trojan) compromise Android devices, either during firmware updates or when applications for viewing pirated video content are installed
https://news.drweb.com/show/?i=14743&lng=en
Video explanation on a bug discovered in PayPal Business Android app how it was possible to steal authentication token to takeover victim account
https://youtu.be/AoSvq9v8kvY?si=shOkn5aq_mXrhlu3
Account takeover using PIN brute-force
BillPoint app didn't use brute-force PIN protection, which allowed attacker to gain unauthorized access to any user account simply by knowing their email
https://medium.com/@hackedbyeldee/account-takeover-on-billpoint-co-mobile-app-9cc3aedd92b
Infamous Chisel: Detailed analysis of each component associated with Sandworm APT group designed to enable remote access and exfiltrate information from Android phones
https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/infamous-chisel/NCSC-MAR-Infamous-Chisel.pdf
How to port custom build of Kali Nethunter to an unsupported phone (Xiaomi Poco X3 NFC) and compile custom Kernel with support for TP-LINK W722N V2/V3 (RTL8812AU drivers)
https://r0ttenbeef.github.io/Port-Custom-Build-of-Kali-Nethunter-to-an-Unsupported-Phone-Walkthrough/
Bypassing Hardened Android Application available on the Play Store
-Root Detection Check in Native Java code and in React Native file
-Emulator Check
-Frida Running Check
-SSL Pinning Bypass
https://notsosecure.com/bypassing-hardened-android-applications
Trojanized Signal and Telegram apps were discovered on Google Play and Galaxy Store
Patched Signal is the first documented case of spying on a victim’s Signal communications by secretly autolinking the compromised device to attacker’s Signal device
https://www.welivesecurity.com/en/eset-research/badbazaar-espionage-tool-targets-android-users-trojanized-signal-telegram-apps/
Obfuscating Android Apps with Native Code
The presentation explores writing Android applications in purely native code to obfuscate app flow-of-control
Resources: https://github.com/LaurieWired/AndroidPurelyNative_Troopers23
Presentation: https://youtu.be/wayMcQQZV1U?si=UJ6m_6jogtzcnNBF
Android Goes All-in on Fuzzing
https://security.googleblog.com/2023/08/android-goes-all-in-on-fuzzing.html
Mobile Malware Analysis Part 2 – MasterFred
https://8ksec.io/mobile-malware-analysis-part-2-masterfred/
Technical Analysis of Multi-layered Obfuscation Techniques in AndroidManifest.xml Aimed at Evading Static Analysis
https://www.liansecurity.com/#/main/news/H_NoQIoBE2npFSfF-iQ5/detail
