Warning: Infected apps are making phones tap ads without users knowing
Two groups of researchers have found two new, distinct types of malware that function similarly and are embedded in a variety of programs that are accessible through different channels. Worst of all, the standard advice to “don’t install apps from strange sites” is less helpful because some of them are even available on the Google Play Store.
Although these two pieces of malware appear to be distinct, they function similarly. They exploit the functions of your phone to click on advertisements nonstop, slowing it down and significantly depleting its battery.
Virtual screens, real ads
Researchers at the mobile security company Dr.Web found the latest recent spyware, which has not yet been named. Bleeping Computer revealed the discovery. This malware makes use of the TensorFlow.js framework that Google distributed with Android phones to enable machine learning operations in browsers.
Read Also: Adobe Acrobat Reader Is Now on Android Auto – Here’s What It Can Actually Do
And it works: when the malware is activated, it creates a virtual (false) screen where it shows and clicks on advertisements. Compared to more traditional ad-clickers, the clicks appear far more natural due to the usage of a machine learning technique. However, it has an equally detrimental effect on your device as earlier malware, with notable effects on battery life and processing speed.
Even worse, the app allows attackers to interact with the fake display as needed by opening a permanent livestream on your device.
Interestingly, Xiaomi’s GetApps software catalog is where the apps originates. Dr.Web claims that the malware is introduced after the apps are uploaded, avoiding all possible security measures.
inevitably, third-party app websites like Apkmody and Moddroid have also been severely compromised by the malware. Researchers assert that both the latter’s Editor’s Choice list and “premium” versions of apps like Spotify that may be accessible on Telegram channels are rife with compromised apps.
Google Pixel 9
Google Pixel Watch 4
Samsung Galaxy Watch 8
Comments & Discussions
Join the conversation! We use Disqus to handle comments. Click the button below to load the comment section.
Keep Reading
Huawei’s next Kirin 5G chipsets for the Mate 90 series are expected to deliver a meaningful performance step up over the 2025 versions, driven by a shift away from Moore’s Law toward Tau’s Scaling Law. According to a new leak, HarmonyOS 7 is being developed with this architectural shift in mind. Weibo leaker @FixedFocus reports […]
The Honor X70 Pro Max has arrived without any formal launch event, slipping onto the market with a focus on durability, battery endurance, and a capable Qualcomm chipset. The phone comes in four color options: Phantom Purple, Sunburst Gold, Bamboo Rhythm Green, and Phantom Night Black. It measures 161.9 x 76.1 x 7.76mm and weighs […]
If Samsung Messages is still the default texting app on a Galaxy phone, July is going to require some attention. The app is being deactivated for US users, and texts, RCS conversations, and message history stored inside it won’t move anywhere on their own. Everything is transitioning to Google Messages – and while the migration […]
Honor has confirmed that its entire Magic series lineup will receive up to 7 years of Android updates in the EU and UK, marking a firm commitment to long-term software support, ongoing security patches, and sustained value for device owners. The announcement came during the launch of the Honor Magic V6 foldable in Malaysia. Honor […]
Being a Pixel owner outside the United States has always come with a catch: a long list of AI features that simply aren’t available in your region. Google has gradually extended some of these to international markets, but the majority remain US-only. That gap may be getting a little smaller, as the company appears to […]
