You know, the progress of technology is supposed to be a good thing. More advanced computers, phones, software, you name it. But it’s a double-edged sword. More advanced tech means more advanced malware. Unfortunately, that appears to be the case where a newly discovered Android malware is using AI to click on hidden browser ads.
New Android malware leverages AI to click on ads
The researchers over at mobile security company Dr. Web discovered a new family of Android malware that actually uses AI to carry out classic click-fraud activities. It turns out this malware uses TensorFlow.js, which, for those unfamiliar, is basically an open-source library created by Google for training and deploying machine learning models in JavaScript.
So, how does this malware work? According to the researchers, the malware can operate in “phantom” mode. This uses a hidden WebView-based embedded browser to load a target page. It will also load a JavaScript file meant to automate actions on the ads shown on the site.
Now, in the past, click-fraud trojans would rely on predefined JavaScript click routines. However, by making use of AI, it can analyze the screenshots taken by the malware to identify relevant elements. This also allows the malware to get around ad variability, which can change structure. The malware can even activate a second mode that streams a live video feed of the virtual browser. This in turn lets the attackers perform actions manually and in real time.
Protecting yourself
Now, the good news is that clickjacking and ad fraud aren’t necessarily threats to your data or privacy. However, this doesn’t mean there are no downsides. The background activity can drain your phone’s battery, ultimately degrading it faster than you would like.
The worst part about this malware is its distribution. Somehow, it managed to embed itself in apps distributed through GetApps, which is the official Xiaomi app store. The malware embedded itself in a bunch of games, some of which actually work, making it seem less suspicious.
To prevent this from happening to you, it’s best to download apps via Google Play. We know sometimes sideloading apps can be fun, but it also means taking a risk.
The post New AI-Powered Malware Uses Android Devices for Ad Fraud appeared first on Android Headlines.
