This nasty Android adware is making phones unusable — how to stay safe

A picture of a skull and bones on a smartphone depicting malware
(Image credit: Shutterstock)

I often warn about the dangers posed by info-stealing malware and banking trojans but there’s another mobile threat you need to worry about: adware. In fact, an adware infection can render one of the best Android phones unusable with ads popping out of nowhere when you least expect it.

According to a new blog post from the cybersecurity firm Malwrebytes, the MobiDash adware has returned to wreak havoc on vulnerable Android phones. First discovered back in 2015, this adware has continued to spread in the time since through hundreds of different variants. 

At the same time though, it also comes as a pre-packaged set of tools that hackers and scammers can add to any Android Application Package or APK file which makes distributing  it even easier.

Here’s everything you need to know about the MobiDash adware along with some tips on how to stay safe from having your own Android phone infested with annoying ads.

Hiding in plain sight

One of the main things that helps MobiDash stand out from other types of adware is that it can easily be added to legitimate Android apps without changing how they work. 

For instance, let’s say you download and install a flashlight app (which I don’t recommend for obvious reasons). The app itself will still work as intended but hidden inside it, there will be adware waiting to fill your phone’s screen with unwanted ads.

To make matters worse, MobiDash often waits for several days before activating on an infected phone. This makes the annoying ads it serves up harder to detect, especially if you recently installed several new apps on your Android smartphone.

Malwarebytes’ ThreatDown cybersecurity platform recently uncovered a new MobiDash campaign that spread through phishing emails as well as in links on social media posts made by real people as well as bots. 

With these posts on Facebook, users who click on a link in a screenshot (something you should absolutely avoid) are then sent through a chain of redirects which ends in an APK file being automatically downloaded to their phone. Likewise, Malwarebytes’ researchers also found that MobiDash was being spread on adult sites in a similar way.

How to stay safe from adware

A hand holding a phone securely logging in

(Image credit: Google)

Staying safe from this particular campaign is quite easy and you can avoid falling victim to the MobiDash malware by not sideloading apps. While you shouldn’t sideload apps in the first place, you definitely should install any APK file that’s randomly downloaded onto your smartphone after clicking on a link in an email or social media post.

Besides adware, sideloading apps can leave you with a nasty malware infection and those who did fall for this latest MobiDash campaign got off lucky. Instead of sideloading, you should only download apps from the Google Play Store or from official third-party app stores like the Samsung Galaxy Store or the Amazon Appstore.

To keep your Android phone protected from adware, malware, spyware and other threats, you want to make sure that Google Play Protect is enabled. This pre-installed app scans any new apps you download as well as your existing ones to help keep you and your data safe. For extra protection though, you may also want to consider running one of the best Android antivirus apps alongside it on your phone.

Hackers and scammers are always coming up with clever new campaigns designed to steal your data and your hard-earned cash or in this case, to bombard your phones with ads in order to commit ad fraud. However, MobiDash could also serve up malicious ads which can infect your phone with malware. Either way, you want to be extra careful where you click and avoid installing apps from unknown sources.

This likely isn’t the last we’ve heard of MobiDash as this particular adware has been going strong for almost a decade.

More from Tom's Guide

Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
Green skull on smartphone screen.
Hackers are using the Amazon Appstore to spread malware — delete this malicious app now
Green skull on smartphone screen.
This Android banking trojan steals passwords to take over your accounts — and all it takes is a single text message
A laptop displaying the Chrome logo
Don't click this — malicious ads impersonating Google Chrome spreading dangerous malware
Green skull on smartphone screen.
Hackers are spreading info-stealing malware and taking over accounts using fake wedding invitations — how to stay safe
A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.
Fake Google Play Store pages are spreading Trojan malware that can steal your financial data
A hacker typing quickly on a keyboard
Hackers are posing as Apple and Google to infect Macs with malware — don’t fall for these fake browser updates
Latest in Malware & Adware
A person on a laptop converting a PDF to a DOC
FBI issues warning over free online file converters that infect your PC with malware
A hacker typing quickly on a keyboard
New MassJacker malware is hijacking digital wallets to steal large sums from users
A person trying to set up a new Wi-Fi router
Thousands of TP-Link routers have been infected by a botnet to spread malware
A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.
Fake Google Play Store pages are spreading Trojan malware that can steal your financial data
Green skull on smartphone screen.
Over 1 million Android devices infected with password-stealing, pre-installed botnet malware — how to stay safe
Green skull on smartphone screen.
This Android banking trojan steals passwords to take over your accounts — and all it takes is a single text message
Latest in News
Adam Sandler in Happy Gilmore 2
Netflix sets 'Happy Gilmore 2' release date with a brand new trailer — and it's looking good
Nvidia CES 2025
Nvidia GTC 2025 live — what's next in AI, robotics and accelerated computing
Foldable MacBook concept
Apple's 18-inch foldable just tipped to run macOS — yup, the world's first touchscreen Mac
Martha Stewart and QVC
Martha Stewart’s new gardening collection is perfect for spring — 3 must-haves I'm adding to my basket
Ninja Air fryer DZ550 with meat probe
Viral TikTok reveals secret gadget built into Ninja air fryer
Apple iPhone 16 held in the hand.
iPhone 17 tipped for long overdue camera upgrade — what you need to know
  • oldtimer114
    In a world where Google and Microsoft have become as much a threat to our privacy and security as any form of malware we might encounter, who can we actually trust to provide apps that are safe, secure and actually protect our privacy and our personal information?
    I am new to smartphones, having used flip phones for security reasons for the past 20 years.
    Reply