TL;DR
- A newly discovered type of malware uses machine learning to automatically interact with ads and perform fraud.
- It can also be used to give hackers access to your screen.
- The malware has been found in certain games distributed through inappropriate app stores, and some have also been found in Xiaomi’s GetApps app store.
AI is designed to make our lives easier, but it is also adept at making our lives harder. AI-powered tools are becoming increasingly popular among hackers, allowing them to launch sophisticated attacks that deviate from established patterns. One such malware has been detected in several Android games and can be used to commit fraud or attack others through your device.
Dr.Web researchers (via) peepee computer) used AI to identify a class of ad-clicking Trojans. According to researchers, so-called “clickjacking” malware uses Google’s open-source TensorFlow.js library to run machine learning models to interact with ads within specific apps and games. Ads are common in free-to-play casual Android games, and some developers may resort to using Trojan horses to artificially inflate click-through rates and thereby increase the revenue earned from these ads.
The malware uses machine learning models to analyze page content when an ad is displayed and interact with the ad without user interaction. Machine learning can especially help overcome the challenges posed by dynamic and diverse ads embedded in apps and games. It can also operate in “phantom” mode, loading hidden browser windows and automatically manipulating advertisements.
I don’t want to miss out on the best Android permissions?
If a machine learning model fails, colluding developers or other malicious parties can take over a user’s screen and use a technique called “signaling” to manually perform actions such as scrolling or tapping.
Dr. Web has identified that some of these Trojan-laced games are being distributed using Xiaomi’s alternative app store GetApps. All of these are believed to be from a single developer: Shenzhen Ruiren Network Co. Ltd.
Based on the analysis, the team identified the following games that contain traces of malware:
- creative magic world
- cute pet house
- amazing unicorn party
- Sakura Dream Academy
- theft auto mafia
- open world gangsters
In addition to Xiaomi’s app store, these games are also distributed through fraudulent APK distribution platforms such as Apkmody and Moddroid, as well as Telegram channels that claim to offer modified versions of apps such as Spotify and Netflix.
The researchers add that while clickjacking and ad fraud do not immediately harm users, the malware, especially with its ability to remotely hijack users’ devices, could be used for data theft or even as a means to target other users with infected or more advanced APKs.
Thank you for joining our community. Please read our comment policy before posting.
