when you're reverse engineering a web API used by an app (I've done this for personal integrations and automations) via MITMProxy and/or a device emulator, sometimes API calls show up that make you go "hmmm"

> There are millions of apps across both stores. Perhaps find a way to introspect all of them?

I would be surprised if this method wasn't also being employed, if not by individual hackers, then in the form of growth hacking by companies who sell a means of fixing it.

Still seems like something fun to try.