Machine learning-powered Android Trojan bypasses script-based ad click detection

Pierluigi Paganini
January 22, 2026

A new family of Android click-fraud Trojans uses TensorFlow.js ML models to visually detect and tap ads, instead of relying on traditional script-based click automation.

Researchers at cybersecurity company Dr.Web have discovered a new family of Android click-fraud Trojans that uses TensorFlow.js ML models to visually detect and tap on ads rather than relying on traditional script-based clicking. The malware was distributed through Xiaomi's GetApps store and runs in a hidden "phantom" WebView that loads its models from a remote server. The malicious code analyzes screenshots of the virtual screen and mimics real user behavior, which makes it more robust against dynamic ad content than hard-coded click scripts.

In phantom mode, Android.Phantom.2.origin opens a hidden WebView browser in response to commands from the dllpgd[.]click server, loads the target site, and then loads a "phantom" JavaScript file that contains the ad-automation logic together with TensorFlow.js. A trained ML model is downloaded from a remote server; it analyzes screenshots of the virtual screen, and the script automatically clicks on the ad elements it detects. In signaling mode, the Trojan uses WebRTC, with dllpgd[.]click acting as the signaling server, to stream live video of the virtual browser to the attacker, who can then remotely control the browser by clicking, scrolling, and entering text.

The new Android clicker Trojan family is controlled by the dllpgd[.]click server. Several popular games from a single developer were initially clean but were later updated to include the Android.Phantom.2.origin Trojan.
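The one network indicator the report exposes is the dllpgd[.]click server, which the phantom and signaling modes above both talk to. The following is an added example for this article (not Dr.Web's code, and not a sample of the Trojan) showing how a defender would refang that published indicator and match it against DNS and proxy log lines at label boundaries, so that a look-alike domain does not fire while subdomains do. The log format, the client addresses and the rtc. subdomain are constructed for illustration and are not from the report.

```python
"""Hunt for the Android.Phantom C2 / signaling domain in DNS and proxy logs.

Added example for this write-up (not Dr.Web's code and not the Trojan's).
The only indicator taken from the report is dllpgd[.]click; the log format,
client addresses and the "rtc." subdomain below are constructed for illustration.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Indicator exactly as published, in defanged form.
DEFANGED_IOCS = ["dllpgd[.]click"]

HOST_RE = re.compile(r"\b(?:query|host)=(\S+)")
CLIENT_RE = re.compile(r"\bclient=(\S+)")


@dataclass(frozen=True)
class Hit:
    client: str    # device that made the request
    hostname: str  # normalized hostname seen in the log
    ioc: str       # indicator (refanged) that it matched
    line: str      # original log line, for triage


def refang(indicator: str) -> str:
    """Turn a defanged indicator (a[.]b, a(.)b, hxxp://) back into a matchable domain."""
    d = indicator.strip().lower()
    d = re.sub(r"^hxxps?://", "", d)
    d = d.replace("[.]", ".").replace("(.)", ".").replace("[dot]", ".")
    return d.rstrip(".")


def matches_ioc(hostname: str, ioc_domain: str) -> bool:
    """True if hostname is the IOC domain or one of its subdomains.

    Matching at label boundaries means a look-alike such as notdllpgd.click
    does not fire, while rtc.dllpgd.click does.
    """
    h = hostname.strip().lower().rstrip(".")
    return h == ioc_domain or h.endswith("." + ioc_domain)


def scan_log(text: str, iocs: list[str] = DEFANGED_IOCS) -> list[Hit]:
    """Return one Hit per log line whose queried/contacted host matches an IOC."""
    domains = [refang(i) for i in iocs]
    hits: list[Hit] = []
    for line in text.splitlines():
        m = HOST_RE.search(line)
        if not m:
            continue  # not a DNS query or proxy line in the format we understand
        host = m.group(1)
        c = CLIENT_RE.search(line)
        client = c.group(1) if c else "unknown"
        for d in domains:
            if matches_ioc(host, d):
                hits.append(Hit(client, host.lower().rstrip("."), d, line))
                break
    return hits


def affected_clients(text: str, iocs: list[str] = DEFANGED_IOCS) -> set[str]:
    """Devices that talked to any IOC domain; these are the ones to pull installed-APK lists from."""
    return {h.client for h in scan_log(text, iocs)}


# Constructed sample telemetry (not real captures). One device, 10.0.0.7, resolves a
# hypothetical rtc. subdomain and then contacts the apex domain; 10.0.0.9 hits a
# look-alike and a benign domain and must not be flagged.
SAMPLE_LOG = """\
2026-01-20T10:01:02Z dns query=rtc.dllpgd.click type=A client=10.0.0.7
2026-01-20T10:01:05Z proxy host=example.org path=/static/app.js client=10.0.0.7
2026-01-20T10:01:09Z proxy host=dllpgd.click path=/ client=10.0.0.7
2026-01-20T10:02:00Z dns query=notdllpgd.click type=A client=10.0.0.9
2026-01-20T10:02:30Z dns query=example.com type=A client=10.0.0.9
"""

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit.client} -> {hit.hostname} (matches {hit.ioc})")
    print("affected clients:", sorted(affected_clients(SAMPLE_LOG)))
```

The matcher deliberately covers subdomains because the report names only the apex domain and the signaling and model-download endpoints could sit under it; add further indicators to DEFANGED_IOCS as they are published rather than loosening the label-boundary check.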

Researchers have identified several mobile games that contain the malware:

  • Creation Magic World (over 32,000 downloads);
  • Cute Pet House (over 34,000 downloads);
  • Awesome Unicorn Party (over 13,000 downloads);
  • Sakura Dream Academy (over 4,000 downloads);
  • Theft Auto Mafia (over 61,000 downloads);
  • Open World Gangsters (over 11,000 downloads).

“All infected games are hosted by a single developer: SHENZHEN RUIREN NETWORK CO., LTD., and the Trojan is embedded within the games and runs alongside the apps,” reads a report published by Dr Web.

“The initial version of the game did not contain any malware. On September 28th or 29th, the developer released an update to the game, which included the Android.Phantom.2.origin Trojan horse. It operates in two modes, referred to in the program code as signaling and phantom.”

On October 15th or 16th, the game was updated again to include Android.Phantom.5, a dropper that carries the Android.Phantom.4.origin remote loader, which in turn downloads additional click-fraud Trojans. These simpler modules rely on JavaScript click scripts rather than ML or video streaming. Android.Phantom.5 also extends the functionality by downloading the WebRTC libraries the Trojan needs.

In addition to Xiaomi's GetApps store, the malware spreads through third-party APK sites such as Moddroid and Apkmody, as well as through modified Spotify, YouTube, Deezer, and Netflix apps.

Researchers reported that many “Editor’s Choice” apps on Moddroid were infected. The malicious APK is also circulating on Telegram channels and on a Discord server with 24,000 users that promotes the infected Spotify X app.

Server data show infections across multiple language groups, with Spanish, French, German, Polish, and Italian the most affected after English; many Asian languages had no dedicated chats. These Trojans can turn devices into bots for DDoS attacks, facilitate other illegal activity, drain battery and data, and leak personal information via spyware modules. Users without up-to-date antivirus protection are especially at risk, as are children and users seeking access to unofficial apps.

“We recommend that you don’t download mods from untrusted websites or channels. Verifying the source of a mod or app usually takes time, experience, and a keen eye,” the report concludes.
