It’s a class of ad fraud that is done by fraudsters using the device malware to attribute themselves. The real publisher doesn’t get attributed for genuine app installs.