Generative AI is growing more and more, and with all the useful things it brings (and some less useful, gimmicky ones), there have also been cases of malicious users taking advantage of AI for hacking. Now, the latest report from researchers at Dr. Web indicates that hackers have found a new way to use AI to commit fraud.
New Trojan with AI clicks on ads and commits fraud
There's a new class of trojanware that uses AI to click on ads, and it has been recently identified. Researchers call it "clickjacking" malware. It uses Google's open-source TensorFlow.js library to run machine learning models, which then interact with ads in certain games or apps.
It's pretty common for casual Android games, for example, to have ads in their free versions. Curiously enough, reportedly some developers may use trojanware to artificially inflate their click-through rates. This could lead to their revenue from ads growing.
This specific malware uses AI models to analyze the page content when the ad appears. It can then interact with the ad without the user doing anything. Basically, machine learning is ideal here with all the ads that come in all sorts of shapes. Most of these ads are dynamic and different.
The malware can reportedly operate in a "phantom" mode, and it loads a hidden browser window where it automatically interacts with the ads.
But that's, unfortunately, not all. The malware could also allow malicious users to take over your screen and perform various actions, including scrolling or tapping. These actions use a technique called "signaling".
Recommended For You
Image Credit - PhoneArena
Dr.Web's team has found several of these games that contain the trojanware are circulated using Xiaomi's GetApps alternative app store. Apparently, all these games are made by a single developer company named Shenzhen Ruiren Network Co. Ltd.
These are the games that have been identified to carry traces of the malware by the report:
Creation Magic World
Open World Gangsters
Amazing Unicorn Party
Cute Pet House
Theft Auto Mafia
Sakura Dream Academy
They are not just in Xiaomi's store, though. These games are also circulating online through fraudulent APK distribution platforms (they can be found in Apkmody and Moddroid, for example), as well as using Telegram channels. These specific Telegram channels claim to offer modded versions of popular apps, including Spotify and Netflix.
Although this malware doesn't immediately harm the user, it can still give the malicious user abilities to hijack your device remotely. And this is pretty bad and can be used to steal your data or get other devices infected with malware.
Do stories like this make you think twice about sideloading Android apps?
Yes, I only use the Play Store
100%
Sometimes, but I still sideload carefully
0%
No, I know what I'm doing
0%
How to stay safe
Well, the key here is to stick to downloading apps and games from the official Google Play Store. It's best not to sideload unless it's absolutely necessary. Having a solution that can detect and respond to malware on your phone can also help.
Malware is always going to exist, so following simple rules for online safety can help you stay away. So, as usual: avoid clicking on random links sent to you by people you don't know, avoid sideloading (or do it if you know how to check for hashes and signatures), and pay for subscription apps like Spotify or Netflix if you want to use their services, instead of relying on modded apps.
There are all sorts of malware types out there
Obviously, this malware is not the worst we've seen. There's malware that grants full access to your phone to hackers without you even knowing to steal information. There are phishing attacks that fake a website and steal your credentials.
All in all, the internet can be a scary place. Because of this, I have chosen not to sideload any apps, and I stick to whatever is available on official app stores for my phone.
Izzy, a tech enthusiast and a key part of the PhoneArena team, specializes in delivering the latest mobile tech news and finding the best tech deals. Her interests extend to cybersecurity, phone design innovations, and camera capabilities. Outside her professional life, Izzy, a literature master's degree holder, enjoys reading, painting, and learning languages. She's also a personal growth advocate, believing in the power of experience and gratitude. Whether it's walking her Chihuahua or singing her heart out, Izzy embraces life with passion and curiosity.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts:
New accounts created within the last 24 hours may experience restrictions on how frequently they can
post or comment.
These limits are in place as a precaution and will automatically lift.
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed:
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts: