Endi mavjud! Telegram Tadqiqoti 2025 — yilning asosiy insaytlari 
Android Security & Malware
Kanalga Telegram’da o‘tish
Mobile cybersecurity channel Links: https://linktr.ee/mobilehacker Contact: mobilehackerofficial@gmail.com
Ko'proq ko'rsatish📈 Telegram kanali Android Security & Malware analitikasi
Android Security & Malware (@androidmalware) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 44 025 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 3 050-o'rinni va AQSH mintaqasida 709-o'rinni egallagan.
📊 Auditoriya ko‘rsatkichlari va dinamika
невідомо sanasidan buyon loyiha tez o‘sib, 44 025 obunachiga ega bo‘ldi.
24 Iyun, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni 281 ga, so‘nggi 24 soatda esa 44 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.
- Tasdiqlash holati: Tasdiqlanmagan
- Jalb etish (ER): Auditoriya o‘rtacha 12.77% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining 3.64% ini tashkil etuvchi reaksiyalarni to‘playdi.
- Post qamrovi: Har bir post o‘rtacha 5 618 marta ko‘riladi; birinchi sutkada odatda 1 601 ta ko‘rish yig‘iladi.
- Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 12 ta reaksiya keladi.
- Tematik yo‘nalishlar: Kontent cve-2025, exploit, rat, trojan, bypass kabi asosiy mavzularga jamlangan.
📝 Tavsif va kontent siyosati
Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“Mobile cybersecurity channel
Links: https://linktr.ee/mobilehacker
Contact: mobilehackerofficial@gmail.com”
Yuqori yangilanish chastotasi (oxirgi ma’lumot 25 Iyun, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.
44 025
Obunachilar
+4424 soatlar
+787 kunlar
+28130 kunlar
Postlar arxiv
Updated House (runtime mobile application analysis toolkit) can hook functions in dynamically loaded dex/jar files
https://github.com/nccgroup/house
Android Trojan Shopper
It can disable the Google Play Protect service, generate fake reviews, install malicious apps, show ads, and more
https://securelist.com/smartphone-shopaholic/95544/
"Research shows that 91% of pre-installed apps do not appear in Google Play"
Privacy International and over 50 other organisations have submitted a letter asking Google to take action against exploitative pre-installed software on Android devices.
http://privacyinternational.org/advocacy/3320/open-letter-google
Security hardening of Android native code
https://darvincitech.wordpress.com/2020/01/07/security-hardening-of-android-native-code/
Detect Frida for Android
https://darvincitech.wordpress.com/2019/12/23/detect-frida-for-android/
Researchers find that 17 of 140 major online services are vulnerable to SIM swapping attacks
https://www.zdnet.com/article/academic-research-finds-five-us-telcos-vulnerable-to-sim-swapping-attacks/
Memory corruption vulnerability in audio processing during a voice call in #WeChat app
Report includes PoC code + steps how to reproduce the bug
https://bugs.chromium.org/p/project-zero/issues/detail?id=1948
Joker Trojan Family history by Google
-tracked since 2017
-removed 1.7K unique apps before going public
-SMS fraud then WAP billing (as we know Joker now)
-at peak, 23 different Jokers submitted in one day to Google Play
https://security.googleblog.com/2020/01/pha-family-highlights-bread-and-friends.html
Reverse engineering and modifying an Android game — CTF https://link.medium.com/3j3UHWdj72
Remote iPhone Exploitation Part 3: From Memory Corruption to JavaScript and Back -- Gaining Code Execution https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-3.html
Remote iPhone Exploitation Part 2: Bringing Light into the Darkness -- a Remote ASLR Bypass https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-2.html
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
Android smartphone - UMX U686CL - comes with preinstalled and unremovable malware.
Selling of this phone is funded by US government for lower income people.
https://blog.malwarebytes.com/android/2020/01/united-states-government-funded-phones-come-pre-installed-with-unremovable-malware/
AdFraud malware found on Google Play with 100K installs
https://www.evina.fr/a-malware-rises-to-the-top-applications-in-google-play-store/
CSRF + XSS + SMS spoofing + Android deep link URL redirection
Great example of chaining low impact vulnerabilities in #TikTok to remotely manipulate account content
-delete user video
-upload user video
-make "private" videos "public"
https://research.checkpoint.com/2020/tik-or-tok-is-tiktok-secure-enough/
What a interesting vulnerability in HockeyApp platform #Android #iOS #BugBounty
Leaked API key allowed:
-fetch internal employee contacts
-distribute #malware directly to devices of organization employees as internal app update
+PoC Metasploit scenario
https://www.allysonomalley.com/2020/01/06/saying-goodbye-to-my-favorite-5-minute-p1/
First Attack Exploiting CVE-2019-2215 (use-after-free vulnerability) Found on Google Play #SideWinder
https://blog.trendmicro.com/trendlabs-security-intelligence/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group/
AirDoS: Spam all nearby iOS devices with the AirDrop share popup
https://kishanbagaria.com/airdos/
PoC: https://github.com/KishanBagaria/AirDoS
CyberTruck Challenge 2019 — Android CTF
https://medium.com/bugbountywriteup/cybertruck-challenge-2019-android-ctf-e39c7f796530
The recent Android Brazilian Banking Trojan - COYBOT
https://www.buguroo.com/en/blog/banking-malware-in-android-continues-to-grow.-a-look-at-the-recent-brazilian-banking-trojan-basbanke-coybot
