A new Android click-fraud Trojan family uses TensorFlow.js for visual analysis of ad elements in place of traditional script-based methods. The malware is distributed through Xiaomi's GetApps store, third-party APK sites, and Telegram channels.
Key points
- The malware uses machine learning models for dynamic ad element detection instead of predefined scripts.
- It employs a hidden WebView-based browser and remote-trained models to automate ad interactions.
- The Trojan is distributed via official app store updates, third-party APK sites, and messaging platforms like Telegram.
- Infected apps include popular games and modified versions of streaming services like Spotify and YouTube.
- Victims experience battery drain and increased data costs without obvious signs of malicious activity.