Warning: Infected apps are making phones tap ads without users knowing

Robert Haba
Robert Haba
2 min read
Warning: Infected apps are making phones tap ads without users knowing
Trust this source on Google
Add trusted source

Two groups of researchers have found two new, distinct types of malware that function similarly and are embedded in a variety of programs that are accessible through different channels. Worst of all, the standard advice to “don’t install apps from strange sites” is less helpful because some of them are even available on the Google Play Store.

Although these two pieces of malware appear to be distinct, they function similarly. They exploit the functions of your phone to click on advertisements nonstop, slowing it down and significantly depleting its battery.

Virtual screens, real ads

Researchers at the mobile security company Dr.Web found the latest recent spyware, which has not yet been named. Bleeping Computer revealed the discovery. This malware makes use of the TensorFlow.js framework that Google distributed with Android phones to enable machine learning operations in browsers.

And it works: when the malware is activated, it creates a virtual (false) screen where it shows and clicks on advertisements. Compared to more traditional ad-clickers, the clicks appear far more natural due to the usage of a machine learning technique. However, it has an equally detrimental effect on your device as earlier malware, with notable effects on battery life and processing speed.

Even worse, the app allows attackers to interact with the fake display as needed by opening a permanent livestream on your device.

Interestingly, Xiaomi’s GetApps software catalog is where the apps originates. Dr.Web claims that the malware is introduced after the apps are uploaded, avoiding all possible security measures.

inevitably, third-party app websites like Apkmody and Moddroid have also been severely compromised by the malware. Researchers assert that both the latter’s Editor’s Choice list and “premium” versions of apps like Spotify that may be accessible on Telegram channels are rife with compromised apps.

Google Pixel Watch 4

Google Pixel Watch 4

4.8 / 5.0
Est. Price
396.00$499.9921% OFF
Buy
Google Pixel 9

Google Pixel 9

5.0 / 5.0
Est. Price
$544.99$799.0032% OFF
Buy
👑A good choice
Apple iPhone 17 Pro

Apple iPhone 17 Pro

4.8 / 5.0
Est. Price
$1,012.97$1,099.008% OFF
Buy
Samsung Galaxy Watch 8

Samsung Galaxy Watch 8

4.9 / 5.0
Est. Price
$289.99$349.9917% OFF
Buy
Budget
Nothing Phone (4a) Pro

Nothing Phone (4a) Pro

4.5 / 5.0
Est. Price
$494.99$599.0017% OFF
Buy
* As an Amazon Associate, Droid Tools earns from qualifying purchases. Learn more in our Affiliate Disclosure.
Founder · Editor-in-Chief
Robert Haba is the founder and editor-in-chief of Droid Tools. A lifelong gadget enthusiast with over a decade following the Android ecosystem, he built this publication to cut through the noise and give readers honest, real-world coverage of the tech they actually use.

Comments & Discussions

Join the conversation! We use Disqus to handle comments. Click the button below to load the comment section.

Keep Reading

Early Geekbench results for the Snapdragon 6 Gen 5 show almost no CPU improvement over the Snapdragon 6 Gen 4, with the older chip actually edging it out in single-core performance. GPU gains look more promising, sitting around 20%, but raw processing power appears to be largely unchanged. Typically, when a company like Qualcomm releases […]

Snapdragon 6 Gen 5
NewsRobert HabaJuly 3, 2026

New software launches rarely go off without a hitch, and Android 17 is proving no different. Shortly after the update rolled out, Pixel owners began reporting connectivity problems — specifically, losing access to 5G entirely after installing the update. Reports surfaced on the Google Pixel subreddit, with multiple users across different device generations describing the […]

android 17 update
NewsRobert HabaJune 23, 2026