To the Anons in these threads, don't expect too much from Ghidra.
A lot of the nasty stuff that compromised mobile applications will be doing won't be on the app, but on the server they communicate with.
At best, Ghidra will be able to show and tell what information is being sent off and to where if they're not smart, as well as encryption methods and programming libraries used.
But the above is still a best case scenario for digging. Most decompiles won't return much.