TL;DR
- A newly discovered type of malware uses machine learning to automatically interact with ads and commit fraud.
- It can also be used to grant hackers access to your screen.
- The malware is found on certain games distributed through inappropriate app stores, but some have also been found in Xiaomi’s GetApps app store.
AI is designed to make our lives easier, but it’s also adept at making them more difficult. AI-powered tools are becoming increasingly popular among hackers, who can now launch sophisticated attacks that stray from established patterns. One such malware has been detected in a few Android games, and it can be used to commit fraud or attack others through your device.
Researchers at Dr. Web (via Bleeping Computer) have identified a class of trojanware that uses AI to click on ads. According to the researchers, the so-called “clickjacking” malware uses Google’s open-source TensorFlow.js library to run machine learning models to interact with ads inside certain apps or games. Ads are common in free-to-play casual Android games, and some developers may resort to using trojanware to artificially inflate click-through rates, thereby increasing the revenue they generate from these ads.
The malware uses machine learning models to analyze the page content when the ad appears and interact with it without any user action. Machine learning is especially useful for overcoming challenges posed by dynamic, varied ads embedded in apps or games. It can also operate in a “phantom” mode to load a hidden browser window to interact with ads automatically.
Don’t want to miss the best from Android Authority?
When the machine learning models fail, colluding developers or other bad actors can take over the user’s screen and perform actions like scrolling or tapping manually using a technique called “signaling.”
Dr. Web has identified that several of these games laced with the trojanware are being circulated using Xiaomi’s GetApps alternative app store. All of these are also attributed to a single developer named Shenzhen Ruiren Network Co. Ltd.
Based on its analysis, the team has identified the following games carrying traces of the malware:
- Creation Magic World
- Cute Pet House
- Amazing Unicorn Party
- Sakura Dream Academy
- Theft Auto Mafia
- Open World Gangsters
In addition to Xiaomi’s app store, these games are also being circulated through rogue APK distribution platforms, such as Apkmody and Moddroid, as well as through Telegram channels that claim to offer modded versions of apps like Spotify and Netflix.
Researchers add that while clickjacking, or ad fraud, does not immediately harm the users, this malware, especially with its ability to hijack a user’s device remotely, can be used for data theft or even as a means to target other users with infected APKs or more sophisticated
Thank you for being part of our community. Read our Comment Policy before posting.
