TL;DR A newly discovered type of malware uses machine learning to automatically interact with ads and commit fraud.
It can also be used to grant hackers access to your screen.
The malware is found on certain games distributed through inappropriate app stores, but some have also been found in Xiaomi’s GetApps app store.
Update, January 23, 2025 (12:53 PM ET): Google has reached to Android Authority to comment on this malware. A spokesperson tells us: Based on our current detection, no apps containing this malware are found on Google Play. Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play. Original article, January 23, 2025 (03:55 AM ET): AI is designed to make our lives easier, but it’s also adept at making them more difficult. AI-powered tools are becoming increasingly popular among hackers, who can now launch sophisticated attacks that stray from established patterns. One such malware has been detected in a few Android games, and it can be used to commit fraud or attack others through your device.
Researchers at Dr. Web (via Bleeping Computer) have identified a class of trojanware that uses AI to click on ads. According to the researchers, the so-called “clickjacking” malware uses Google’s open-source TensorFlow.js library to run machine learning models to interact with ads inside certain apps or games. Ads are common in free-to-play casual Android games, and some developers may resort to using trojanware to artificially inflate click-through rates, thereby increasing the revenue they generate from these ads.
The malware uses machine learning models to analyze the page content when the ad appears and interact with it without any user action. Machine learning is especially useful for overcoming challenges posed by dynamic, varied ads embedded in apps or games. It can also operate in a “phantom” mode to load a hidden browser window to interact with ads automatically.
Don’t want to miss the best from Android Authority? Set us as a favorite source in Google Discover to never miss our latest exclusive reports, expert analysis, and much more.
to never miss our latest exclusive reports, expert analysis, and much more. You can also set us as a preferred source in Google Search by clicking the button below.
When the machine learning models fail, colluding developers or other bad actors can take over the user’s screen and perform actions like scrolling or tapping manually using a technique called “signaling.”
Dr. Web has identified that several of these games laced with the trojanware are being circulated using Xiaomi’s GetApps alternative app store. All of these are also attributed to a single developer named Shenzhen Ruiren Network Co. Ltd.
... continue reading