AI-driven Android trojan covertly clicks hidden ads via phantom mode

January 22, 2026 at 07:22 PM

•

1 min read

AI-driven Android trojan covertly clicks hidden ads via phantom mode — Photo: BleepingComputer

TL;DR Summary

Researchers have uncovered a new Android click-fraud Trojan family that uses TensorFlow.js to visually identify ad elements and automatically click them. It runs in two modes: phantom, which uses a hidden WebView-based browser to load pages and a loaded ML model to tap the correct UI elements, and signalling, which streams a live video of the virtual screen via WebRTC to allow attackers to perform actions in real time. The malware is distributed through Xiaomi GetApps by infected games, and via third-party APK sites and Telegram/Discord channels promoting modified apps. Impact includes battery drain and higher data usage; users are advised to avoid sideloading apps outside Google Play.

Topics:technology #ai #android #click-fraud #malware #mobile-security #security

Share this article

New Android malware uses AI to click on hidden browser ads BleepingComputer
Some apps on Google Play generating fake ad views, slowing down Android phones: Check Point study abc7chicago.com
Mobile Malware Turns Android Phones Into Silent Engines of Ad Fraud The420.in
New Android Malware Gives Hackers Full Control of Phones varindia.com
New AI-Android Malware that Auto Clicks Ads from the Infected Devices Cyber Security News

Reading Insights

Total Reads

Unique Readers

Time Saved

4 min

vs 5 min read

Condensed

88%

921 → 108 words

Want the full story? Read the original article

Read on BleepingComputer

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights