Listen to this Post

Introduction
A new wave of Android malware is quietly redefining how mobile click-fraud works. Instead of relying on predictable scripts or basic automation, this threat uses machine learning to see, think, and act like a real human user. Discovered by researchers at cybersecurity firm Dr.Web, the Android.Phantom malware family represents a dangerous shift toward AI-driven fraud, where malicious apps visually analyze ads and interact with them in ways that are extremely difficult to detect. Distributed through both official-looking app stores and underground channels, this campaign exposes serious weaknesses in mobile app ecosystems and user trust.
the Original Findings
Researchers at Dr.Web uncovered a previously unknown Android click-fraud trojan family that leverages TensorFlow.js machine learning models to visually detect and interact with advertisements. Unlike traditional clickers that rely on static scripts, this malware analyzes screenshots to identify ad elements and taps them in a way that closely mimics real human behavior. This makes it significantly more resilient against modern ad protection systems and dynamic ad layouts.
The malware is primarily distributed through Xiaomi’s GetApps platform, where infected games were published by a single developer, SHENZHEN RUIREN NETWORK CO., LTD. Initial releases of these games appeared clean, but later updates quietly introduced the Android.Phantom.2.origin trojan. This staged approach allowed the apps to build trust and a user base before becoming malicious.
Android.Phantom.2.origin operates in two distinct modes. In “phantom” mode, the trojan launches a hidden WebView browser that loads a remote website and a malicious JavaScript file from the playstations[.]click server. This script includes TensorFlow.js and downloads a trained machine learning model from a remote server. The malware then captures screenshots of a virtual screen, analyzes them, detects advertisements, and automatically clicks on them without user awareness.
In “signaling” mode, the trojan uses WebRTC technology to stream a live video feed of the hidden browser to attackers. The dllpgd[.]click server acts as a signaling hub, allowing remote operators to interact with the browser in real time by clicking, scrolling, and typing. This gives attackers direct manual control when automation is insufficient.
On October 15 and 16, the infected games were updated again, this time deploying Android.Phantom.5. This version functions as a dropper, delivering Android.Phantom.4.origin, a remote loader that installs additional click-fraud modules. These newer modules are simpler, relying on JavaScript-based clicking rather than machine learning or live video streaming. Android.Phantom.5 also downloads WebRTC libraries to expand functionality.
Beyond Xiaomi’s ecosystem, the malware has spread aggressively through third-party APK repositories such as Moddroid and Apkmody. Modified versions of popular apps like Spotify, YouTube, Deezer, and Netflix were found carrying the trojan. Many so-called “Editor’s Choice” apps on Moddroid were confirmed to be infected.
The campaign also extends into social platforms. Malicious APKs circulate in Telegram channels and a Discord server with more than 24,000 users, promoting an infected Spotify X application. Server-side data revealed a global infection footprint, with English-speaking users most affected, followed by Spanish, French, German, Polish, and Italian users.
Dr.Web warns that these trojans can transform infected devices into bots capable of DDoS attacks, unauthorized ad fraud, battery and data abuse, and personal data leakage through spyware components. Users without up-to-date antivirus protection are particularly vulnerable, especially children and individuals seeking unofficial or modified apps.
What Undercode Say:
This campaign marks a critical evolution in mobile malware strategy. The use of TensorFlow.js for visual ad recognition is not just a technical novelty, it is a deliberate attempt to bypass every traditional heuristic used to detect click-fraud. Script-based detection assumes predictable patterns. Machine learning breaks that assumption.
By visually identifying ads through screenshots, Android.Phantom behaves closer to a human than a bot. It does not care how the page is structured or how often ads change position. If it can see the ad, it can click it. This renders many anti-fraud defenses obsolete overnight.
The staged infection strategy is equally concerning. Releasing clean apps first, then weaponizing them through updates, shows a clear understanding of store moderation weaknesses. Trust is built first, exploitation follows later. This tactic is increasingly common and extremely effective.
The dual-mode architecture also reveals operational maturity. Automation handles scale, while WebRTC-powered live control handles edge cases. Few mobile malware families combine both so seamlessly. This hybrid model suggests organized development rather than amateur experimentation.
The spread through modded apps highlights a long-standing issue. Users trade security for convenience, and attackers exploit that trade ruthlessly. The fact that even “Editor’s Choice” labels can be compromised underscores how fragile unofficial app ecosystems really are.
More troubling is the modular design. Droppers, loaders, ML clickers, script-based backups, spyware potential, all indicate a framework rather than a single-purpose trojan. This malware is adaptable, upgradeable, and future-proofed.
From a broader perspective, Android.Phantom is a warning. AI is no longer just a defensive tool in cybersecurity. Attackers are actively weaponizing it. As machine learning becomes easier to deploy via web-based frameworks like TensorFlow.js, this trend will accelerate.
The real danger lies not only in ad fraud, but in what comes next. If malware can see and understand interfaces, it can steal credentials, bypass captchas, and interact with financial apps. Click-fraud may only be the training ground.
Fact Checker Results
✅ Dr.Web confirmed the use of TensorFlow.js for visual ad detection
✅ Infected apps were distributed via Xiaomi GetApps and third-party APK sites
❌ No evidence yet of widespread credential theft beyond click-fraud modules
Prediction
📊 AI-driven mobile malware will rapidly expand beyond advertising fraud
📊 Visual-based automation will challenge existing mobile security models
📊 App store trust mechanisms will face increasing pressure from staged malware updates
▶️ Related Video (88% Match):
🕵️📝✔️Let’s dive deep and fact‑check.
References:
Reported By: securityaffairs.com
Extra Source Hub (Possible Sources for article):
https://www.pinterest.com
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
Bing
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon




