Listen to this Post

Introduction: When Mobile Malware Learns to See
Android malware has entered a new phase where automation is no longer driven by rigid scripts or static rules. A newly discovered family of click-fraud trojans demonstrates how threat actors are now embedding machine learning directly into malicious apps, allowing malware to visually analyze advertisements and interact with them in ways that closely mimic human behavior. By leveraging Google’s own TensorFlow framework, these trojans blur the line between legitimate AI-powered applications and covert cybercrime tools, making detection significantly harder and signaling a broader shift in mobile threat innovation.
Overview of the Newly Discovered Threat
A new family of Android click-fraud trojans has been identified that uses TensorFlow-based machine learning models to automatically recognize and interact with advertisement elements on web pages. Unlike traditional click-fraud malware, which relies on predefined JavaScript routines or DOM-level manipulation, this threat analyzes screenshots visually, just as a human user would.
Moving Beyond Script-Based Click Fraud
Classic click-fraud trojans depend on hardcoded scripts that interact with webpage structures such as HTML elements or JavaScript events. These approaches often fail when ads change layout, load dynamically, or are embedded in iframes. The newly observed trojans abandon this brittle strategy in favor of computer vision, allowing them to adapt seamlessly to ad variability.
TensorFlow.js as a Malware Enabler
The threat actors are using TensorFlow.js, an open-source machine learning library developed by Google. TensorFlow.js allows models to be trained and deployed in JavaScript environments, including web browsers and Node.js servers. In this case, it enables AI inference directly inside a hidden browser session running on an infected Android device.
Discovery by Mobile Security Researchers
Researchers from mobile security firm Dr.Web uncovered this malware family during an investigation into suspicious activity tied to Android applications. Their analysis revealed a sophisticated architecture designed to evade detection while maximizing fraudulent ad interactions.
Distribution Through Xiaomi’s Official App Store
One of the most alarming findings is that the trojans are distributed through GetApps, Xiaomi’s official application store. This highlights the growing challenge of supply-chain style infections, where even trusted app marketplaces can become vectors for malicious updates.
The Phantom Mode Explained
The malware operates in a mode referred to as “phantom.” In this configuration, a hidden WebView-based browser silently loads targeted web pages in the background. The user never sees this activity, as the browser is rendered on a virtual screen inaccessible to the device owner.
Hidden JavaScript Automation Layer
Once the page loads, the trojan executes a JavaScript file whose sole purpose is to automate interactions with displayed advertisements. However, instead of blindly clicking elements, the script coordinates with a machine learning model to determine exactly where to tap.
Remote Model Loading
The trained TensorFlow model is not bundled statically with the malware. Instead, it is downloaded from a remote server on demand. This allows attackers to update or refine detection logic without pushing new malware versions to app stores.
Virtual Screen Rendering Technique
After the model is loaded, the hidden browser is placed onto a virtual display. Screenshots are taken and passed to TensorFlow.js, which analyzes the images to locate relevant advertisement elements.
AI-Powered UI Element Detection
The machine learning model identifies clickable ad components based on visual features rather than code structure. This makes the malware resilient to layout changes, responsive designs, video ads, and iframe-based advertising frameworks.
Simulating Human Interaction
Once the correct UI element is identified, the malware generates tap events that closely resemble normal user behavior. This reduces the likelihood of detection by ad fraud prevention systems that look for non-human interaction patterns.
Why This Method Is More Effective
Modern online advertising ecosystems are highly dynamic. Ads frequently rotate formats, sizes, and delivery mechanisms. By relying on visual recognition instead of code-level assumptions, this malware adapts automatically to these changes.
The Signalling Mode Variant
In addition to phantom mode, researchers identified a second operational mode called “signalling.” This mode provides attackers with direct, real-time control over the infected device’s hidden browser session.
WebRTC for Live Video Streaming
Signalling mode uses WebRTC technology to stream a live video feed of the virtual browser screen back to the attackers. This enables manual interaction when automation alone is insufficient.
Real-Time Remote Control Capabilities
Through the live feed, attackers can tap, scroll, and input text in real time. This hybrid model combines automation with human oversight, further increasing fraud success rates.
Trojanized Games as Delivery Vehicles
The malware is primarily distributed through mobile games listed on Xiaomi’s GetApps store. These games appear legitimate and functional, reducing suspicion among users.
Delayed Malicious Updates
Initially, the submitted apps contain no malicious functionality. The click-fraud components are introduced later through app updates, allowing them to pass initial review processes.
Known Infected Games Identified
Several infected titles were identified, including Theft Auto Mafia, Cute Pet House, Creation Magic World, Amazing Unicorn Party, Open World Gangsters, and Sakura Dream Academy, with download counts ranging from thousands to over sixty thousand.
Expansion Beyond Official App Stores
Beyond Xiaomi’s ecosystem, the trojans are also distributed through third-party APK websites. These sites often host modified versions of popular applications, commonly referred to as “mods.”
Abuse of Popular Streaming App Brands
Altered versions of Spotify, YouTube, Deezer, and Netflix have been used as carriers. These apps promise premium features for free, making them especially attractive to users.
Moddroid as a Major Infection Hub
Researchers report that most applications listed on Moddroid’s “Editor’s Choice” page are infected. This suggests a systemic compromise rather than isolated incidents.
Telegram Channels as Malware Markets
Infected APKs are also shared via Telegram channels, including apps named Spotify Pro, Spotify Plus – Official, and others branded to appear trustworthy.
Discord-Based Distribution Networks
Dr.Web identified a Discord server with approximately 24,000 subscribers actively promoting an infected app called Spotify X, illustrating how social platforms are leveraged for malware propagation.
Functional Apps as a Deception Strategy
Some of the infected applications genuinely deliver advertised features. This functional legitimacy significantly lowers user suspicion and prolongs infection duration.
Invisible Execution and User Blindness
Because the click fraud occurs within a hidden WebView on a virtual screen, users see no pop-ups, no visible ads, and no performance indicators pointing to malicious activity.
Economic Motivation Behind Click Fraud
Click fraud and ad abuse are highly lucrative cybercriminal activities. Even small per-click payouts can generate substantial revenue when scaled across thousands of infected devices.
Direct Impact on Victims
While user data is not directly stolen, victims experience increased battery drain, accelerated hardware degradation, and higher mobile data consumption.
Long-Term Ecosystem Damage
Beyond individual users, advertisers lose trust in mobile ad networks, and legitimate developers face increased scrutiny and reduced revenue due to inflated fraud metrics.
Android User Safety Recommendations
Users are strongly advised to avoid installing apps outside of Google Play, particularly modified versions of popular apps that claim to unlock premium features for free.
What Undercode Say:
AI as the Next Evolution in Mobile Malware
This campaign represents a clear inflection point in Android malware development. By integrating machine learning directly into the attack chain, threat actors are no longer constrained by static logic or predictable behavior.
Visual Understanding Changes the Game
The shift from DOM-based automation to visual recognition mirrors trends seen in advanced bot development and game automation. Malware that “sees” the screen can operate wherever humans can.
Legitimate Tools, Illegitimate Goals
TensorFlow.js is a powerful and legitimate technology. Its abuse here underscores how dual-use tools complicate security enforcement, especially when malicious code looks like standard AI-driven functionality.
App Store Trust Is Under Pressure
The successful distribution through an official app store highlights systemic weaknesses in app review pipelines, particularly around post-publication updates.
Delayed Payloads as a Strategic Choice
By shipping clean apps first and weaponizing them later, attackers exploit trust cycles and bypass initial security scans, a tactic increasingly seen across mobile ecosystems.
Hybrid Automation and Human Control
The signalling mode shows that attackers are not fully relying on AI. Instead, they combine machine efficiency with human adaptability, creating a resilient fraud framework.
Social Platforms as Malware Multipliers
Telegram and Discord are no longer just communication tools; they are distribution infrastructures that rival traditional malware delivery channels.
The Illusion of Low-Risk Malware
Click fraud is often dismissed as a minor nuisance, but its cumulative impact on devices, networks, and digital economies is substantial and growing.
A Preview of Future Mobile Threats
This malware family is likely a precursor. As on-device AI becomes more powerful, similar techniques could be adapted for credential theft, surveillance, or targeted manipulation.
Security Must Adapt to Visual Threats
Defensive tools will need to evolve beyond static analysis and permission checks, incorporating behavioral and visual anomaly detection to counter AI-driven malware.
Fact Checker Results
Technical feasibility confirmed by researchers ✅
Distribution vectors align with known malware trends ✅
No evidence of direct data theft or spyware behavior ❌
Prediction
AI-powered mobile malware will increase rapidly 📈
Official app stores will face stricter post-update scrutiny ⚠️
Visual-based attack techniques will spread beyond ad fraud 🔮
🕵️📝✔️Let’s dive deep and fact‑check.
References:
Reported By: www.bleepingcomputer.com
Extra Source Hub (Possible Sources for article):
https://www.linkedin.com
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
Bing
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon




