Malware

Android.MobiDash

Android.MobiDash is an Android ad-displaying trojan family reported by Dr.Web as one of the most widespread Android threats during 2025 and into Q1 2026. Its primary behavior is displaying intrusive advertisements. Dr.Web repeatedly grouped it with Android.HiddenAds as a leading ad-trojan family on mobile devices. In Q3 2025, Android.MobiDash was reported as the most widespread Android threat, with detections increasing by 18.19% over the previous quarter. In Q4 2025 it remained among the most widespread Android threats, although detections on protected devices decreased by 43.24%. In Q1 2026, detections declined again, down 32.70% from Q4 2025, as Android banking trojans overtook ad-trojan families in prevalence. Dr.Web also noted that Android.MobiDash.7859 was the top modification among this family in the cited reporting. The provided content does not attribute Android.MobiDash to a specific threat actor, infection vector, or industry targeting, and no specific indicators of compromise beyond the family and variant naming are given.

For your environment

Hunt this family in your stack

Mallory pivots from this family to the IOCs, detections, and named campaigns that touch your stack, and pages you when something new lands.

Start free trial

ACTIVITY FEED

Recent activity

9 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

9 SOURCESView more in app

news drweb comNews

Apr 1, 2026

Dr.Web - Doctor Web’s Q1 2026 review of virus activity on mobile devices

Android ad-displaying trojan family that shows intrusive advertisements on infected devices.

news drweb comNews

Apr 1, 2026

Dr.Web - Doctor Web’s Q1 2026 virus activity review

Android ad-displaying trojan/adware family whose detections declined in Q1 2026.

news drweb comNews

Jan 15, 2026

Dr.Web - Doctor Web’s review of virus activity on mobile devices in 2025

Ad-displaying trojan/module incorporated into Android apps to show obnoxious/intrusive advertising.

news drweb comNews

Jan 15, 2026

Dr.Web - Doctor Web’s virus activity review for 2025

Android ad-displaying trojan/adware family observed as one of the most common mobile threats in 2025.

+5 more in the timeline

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets match these IOCs, which detections are missing, which campaigns to expect next, and what to do in the next 30 minutes.

Start free trial

IOC matching

Match every observed IP, domain, and hash against your live telemetry.

Threat actor attribution

Named campaigns wielding this family, with evidence pinned to each claim.

Exploited vulnerabilities

CVEs this family uses for access and lateral movement.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

MITRE ATT&CK mapping

Every documented technique, ranked by evidence weight.

Researcher chatter

Reddit, Mastodon, and CTI community discussion around this family.