Invisible Adware: Unveiling Ad Fraud Targeting Android Users

McAfee Mobile Research discovered an Android ad-fraud (Android/Clicker) library embedded in 43 Google Play apps (≈2.5M collective downloads) that uses a weeks-long latent period and Firebase remote resources to fetch and display ads while the device screen is off; the behavior abuses background and overlay permissions, drains battery and data, can distort advertising metrics and enable hidden click/phishing activity, and includes comprehensive IoCs (domains, package names, SHA256) with affected apps reported to Google.