Is your phone committing ad fraud? This AI malware may be responsible

The ingenuity of people who develop new cybersecurity threats will never cease to amaze. A report indicates that a new malware is being spread through Android games that could use AI to commit ad fraud through your phone without your knowledge.

Researchers describe it as a “clickjacking” malware that relies on Google's TensorFlow.js library to execute machine learning models on your device that quietly interact with ads.

According to the report in BleepingComputer, this malware performs visual analysis based on machine learning, while conventional click fraud malware typically used predefined JavaScript click routines.

It analyzes the page content and interacts with the ads without the user knowing about it. The malware can even operate in a “phantom” mode where a hidden WebView-based embedded browser is used to load a target page for click fraud and a JavaScript file. The script then automates the actions on the ads that are shown on the site.

The affected games have primarily been distributed through Xiaomi's GetApps alternative to the Play Store. Researchers have also found the infected games on third-party app/APK distribution platforms. The malware is even being distributed through alleged modded versions of popular apps like Spotify and Netflix that are commonly distributed through Telegram groups.

So if you have a habit of downloading games and apps from sources other the Play Store, you best watch out.