HiddenAd
HiddenAd is an Android adware family identified in Kaspersky mobile threat reporting as one of the most widespread adware threats affecting mobile users. Across the cited reporting periods, it was repeatedly among the top adware detections: 56.3% of the most widespread adware detections in Q3 2025, and 44.9% of adware encounters/detections in Q1 2026. Kaspersky also reported that the proportion of users affected by HiddenAd grew in Q2 2025. The provided content characterizes HiddenAd specifically as adware; no additional high-confidence details are provided here about its infection vector, technical behavior, associated threat actor, or industry targeting beyond its prevalence in Android/mobile telemetry.
Hunt this family in your stack
Mallory pivots from this family to the IOCs, detections, and named campaigns that touch your stack, and pages you when something new lands.
Recent activity
4 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Adware family frequently encountered by mobile users in the quarter.
Android adware family; user impact increased in Q2 2025 per the report’s telemetry.
A mobile adware family that was one of the most common adware detections in Q1 2026.
A leading Android adware family by share of attacked users in Q3 2025.
The version that knows your environment.
Match every observed IP, domain, and hash against your live telemetry.
Named campaigns wielding this family, with evidence pinned to each claim.
CVEs this family uses for access and lateral movement.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Every documented technique, ranked by evidence weight.
Reddit, Mastodon, and CTI community discussion around this family.