New MagicAd Android Malware Flood Device With Ads Bypassing Restrictions

MagicAd is an Android trojan discovered in 2025 that was embedded in more than 50 apps on Xiaomi's GetApps and observed in other stores; it persistently displays ads by abusing Translucent Activities, system apps (intents/Binder), and an audio/media-control trick to bypass overlay permissions, while employing multiple persistence and anti-analysis mechanisms. The report includes IoCs (malware names and module identifiers), describes distribution and evasion techniques, and advises users to remove suspicious apps and keep devices updated.