Endi mavjud! Telegram Tadqiqoti 2025 — yilning asosiy insaytlari 
Android Security & Malware
Kanalga Telegram’da o‘tish
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Ko'proq ko'rsatish📈 Telegram kanali Android Security & Malware analitikasi
Android Security & Malware (@androidmalware) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 43 921 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 3 072-o'rinni va AQSH mintaqasida 720-o'rinni egallagan.
📊 Auditoriya ko‘rsatkichlari va dinamika
невідомо sanasidan buyon loyiha tez o‘sib, 43 921 obunachiga ega bo‘ldi.
20 Iyun, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni 233 ga, so‘nggi 24 soatda esa 13 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.
- Tasdiqlash holati: Tasdiqlanmagan
- Jalb etish (ER): Auditoriya o‘rtacha 13.42% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining 3.72% ini tashkil etuvchi reaksiyalarni to‘playdi.
- Post qamrovi: Har bir post o‘rtacha 5 896 marta ko‘riladi; birinchi sutkada odatda 1 636 ta ko‘rish yig‘iladi.
- Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 13 ta reaksiya keladi.
- Tematik yo‘nalishlar: Kontent cve-2025, exploit, rat, trojan, bypass kabi asosiy mavzularga jamlangan.
📝 Tavsif va kontent siyosati
Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“Mobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.com”
Yuqori yangilanish chastotasi (oxirgi ma’lumot 21 Iyun, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.
43 921
Obunachilar
+1324 soatlar
+617 kunlar
+23330 kunlar
Postlar arxiv
A short history of telephone hacking: from phreaking to mobile malware
https://bit-sentinel.com/a-short-history-of-telephone-hacking-from-phreaking-to-mobile-malware
Remote Code Execution in Evernote for Android by misusing path traversal vulnerability
https://hackerone.com/reports/1377748
A deep dive inside anti-reverse & universal bypass with Frida
https://raw.githubusercontent.com/FrenchYeti/unrasp/main/Slides/Forging_golden_hammer_against_android_app_protections_INSO22_FINAL.pdf
Remotely steal bearer token via maliciously crafted deep link from Basecamp Android app
https://hackerone.com/reports/1372667
RTLO Injection URI Spoofing in mobile apps (CVE-2020-20093; CVE-2020-20094; CVE-2020-20095; CVE-2020-20096)
Affects all recent distributions of iOS iMessage, WhatsApp, Instagram, and Facebook Messenger as of 2019.8.15.
The user interface does not properly represent critical information to the user, allowing the information to be spoofed. This is often a component in online scams, phishing and disinformation propagation.
https://github.com/zadewg/RIUS
Dirty Pipe temporary root exploit for Android (Pixel 6)
https://github.com/polygraphene/DirtyPipe-Android
Trojanized Android & iOS cryptocurrency wallet apps
Malicious code was inserted in specific place of legit apps manually, which required attacker to perform in-depth analysis of wallet first
https://www.welivesecurity.com/2022/03/24/crypto-malware-patched-wallets-targeting-android-ios-devices/
When Equal is Not, Another WebView Takeover Story
https://valsamaras.medium.com/when-equal-is-not-another-webview-takeover-story-730be8d6e202
Facestealer Trojan found in Google Play app with 100,000+ installs injects JavaScript to facebook\.com to steal Facebook Accounts credentials
https://threatpost.com/facestealer-trojan-google-play-facebook/179015/
Repost from The Bug Bounty Hunter
Unraveling Assets from Android Apps at Scale
https://bevigil.com/blog/unraveling-assets-from-android-apps-at-scale/
Crypto Scam - CryptoRom - targets vulnerable iPhone (iOS TestFlight and WebClips) and Android users (APK)
How it works:
The campaign works by approaching potential targets through dating apps like Bumble, Tinder, Facebook Dating, and Grindr, before moving the conversation to messaging apps such as WhatsApp and urging the victims to install a cryptocurrency trading application that's designed to mimic popular brands and lock people out of their accounts and freeze their funds.
https://news.sophos.com/en-us/2022/03/16/cryptorom-bitcoin-swindlers-continue-to-target-vulnerable-iphone-and-android-users/
Frida iOS video tutorials
Introduction to Frida and iOS, low-level iOS interfaces (GCD, XPC, IOKit, Mach), and Objective-C instrumentation
Part I: https://youtu.be/h070-YZKOKE
Part II: https://youtu.be/qpEIRe2CP-w
Part III: https://youtu.be/x48y2ehfWGE
Theft of protected files by 3rd party Android app from ownCloud application
https://hackerone.com/reports/1454002
I created a Discord community for a better categorization and visibility of mobile InfoSec posts with option for you to participate and share or ask questions.
Join & share: https://discord.gg/ByrVsEvVTg
Global Mobile Threat Report for 2021:
-30% of the known, zero-day vulnerabilities discovered in 2021 targeted mobile devices
-466% increase in exploited, zero-day vulnerabilities used in active attacks against mobile endpoints
-75% of the phishing sites analyzed specifically targeted mobile devices
-2,034,217 new mobile malware samples were detected
https://blog.zimperium.com/global-mobile-threat-report-key-insights/
iOS Hacking - A Beginner's Guide to Hacking iOS Apps [2022 Edition]
https://martabyte.github.io/ios/hacking/2022/03/13/ios-hacking-en.html
Exploring the archived APKs powering Android’s new app archiving feature https://blog.esper.io/android-dessert-bites-16-app-archiving-857169/
A attacker can open a malicious url or 3rd party app in NextCloud Talk app https://hackerone.com/reports/1337178
Reverse engineering of a trojanized medical app — Android/Joker
- 4 different stages of DEX & JARs https://cryptax.medium.com/live-reverse-engineering-of-a-trojanized-medical-app-android-joker-632d114073c1
Dirty Pipe vulnerability affects Linux Kernel since 5.8 including Android (CVE-2022-0847)
This issue leads to LPE because unprivileged processes can inject code into root processes
Details and PoC exploit: https://dirtypipe.cm4all.com/
Demo of exploitation: https://www.instagram.com/p/Ca2JIOjgwF6/
