- Android Trojans use TensorFlow AI to imitate human clicks on ads for fraudulent purposes
- Fake apps on GetApps and other platforms spread malware with hidden browsers
- At least six apps found, totaling more than 155,000 downloads
Cybercriminals have apparently found a way to use artificial intelligence (AI) to defraud advertising, fooling traditional behavioral defenses and successfully defrauding ad networks and advertisers.
Advertising networks and advertisers make money, among other things, when people click on advertisements. Since the dawn of online advertising, criminals have been looking for ways to automate clicks, in order to generate a large number of ad views and thus get paid.
Since fake clicks cannot be programmed and automated, ad networks have turned to behavioral analytics to defend themselves. When clicks occur too quickly, not randomly enough, or the like, they are considered fake. On some websites, ads appeared in different locations dynamically, preventing automated clicks.
Fake apps to fuel fraud
Now, the newly discovered Android Trojans use TensorFlow machine learning models to detect and click on ads in a way that better mimics human behavior.
Instead of predefined JavaScript routines, the new mechanisms rely solely on visual analysis, powered by machine learning. Using TensorFlow.js, an open source library for training and deploying machine learning models in JavaScript, scammers can run AI models in browsers or on servers using Node.js.
To deliver the malware to victims’ Android devices, the criminals created numerous fake apps and managed to place them on GetApps, Xiaomi’s official app repository. Researchers also found these apps on many standalone websites, social media platforms and instant messaging channels such as Telegram.
The apps operate in a mode called “ghosting” that uses a hidden built-in browser into which advertisements are loaded. The browser is placed on a virtual screen; screenshots are shared with TensorFlow to analyze and identify where the ads are located.
As a result, tapping UI elements feels more natural, fooling traditional behavior-based defenses.
It was also said that the malware could live stream the virtual browser screen directly to attackers, granting them unrestricted access to tap, scroll, and enter commands.
So far, at least six apps have been found, totaling over 155,000 downloads.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
