

Ethical Hacking News

Android Malware Utilizes Generative AI to Evoke Persistence Across Devices



A new type of Android malware has been discovered that uses generative AI to adapt its persistence mechanism to different devices. PromptSpy is spyware that leverages Google's Gemini model to achieve persistence on infected devices, marking the first known instance of generative AI being used by an Android malware family. The malware also uploads lists of installed apps and intercepts lockscreen PINs or passwords, making it a formidable threat among Android malware.

  • PromptSpy is an Android malware that uses generative AI to adapt its persistence across different devices.
  • The malware leverages Google's Gemini model to achieve persistence on infected devices.
  • PromptSpy acts as spyware, with features such as uploading app lists and intercepting lockscreen PINs or passwords.
  • The malware includes a built-in VNC module for remote access and uses an AI LLM to modify its behavior in real-time.
  • PromptSpy persistently stays active even when an infected user attempts to uninstall the app or disable Accessibility permissions.
  • The malware's use of generative AI makes it a formidable threat, with researchers noting that state-sponsored hackers are also utilizing Google's Gemini AI model in their attacks.



    PromptSpy is an Android malware that has recently gained attention due to its unique method of utilizing generative AI to adapt its persistence across different devices. This marks a significant milestone in the evolution of Android malware, as it represents the first known instance of such technology being employed by malware.

    Researchers at ESET have uncovered the PromptSpy malware family and discovered how it leverages Google's Gemini model to achieve persistence on infected devices. The Gemini model is a type of generative AI that enables machines to analyze data and generate responses tailored to specific inputs. In the case of PromptSpy, this technology is used to adapt the malware's persistence mechanism.

    PromptSpy's primary functionality is to act as spyware, with features such as uploading lists of installed apps, intercepting lockscreen PINs or passwords, recording pattern unlock screens, capturing screenshots on demand, and reporting current foreground applications and screen status. The malware also includes a built-in VNC module that allows threat actors to gain full remote access to devices with Accessibility permissions granted.

    One of the most intriguing aspects of PromptSpy is its use of an LLM (large language model) to modify its behavior in real time. The malware sends Google's Gemini model a chat prompt along with an XML dump of the current screen, including visible UI elements, text labels, class types, and screen coordinates. Gemini then responds with JSON-formatted instructions describing the action to take on the device to pin the app.

    The malware executes the action through Android's Accessibility Service, retrieves the updated screen state, and sends it back to Gemini in a loop until the AI confirms that the app has been successfully locked in the recent apps list. This process enables PromptSpy to persistently stay active even when an infected user attempts to uninstall the app or disable Accessibility permissions.
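    As an added illustration that is not part of the original article or ESET's research, the following hypothetical Kotlin triage helper checks the two device states the loop above depends on: the app being screen-pinned (Android lock task mode) and an Accessibility service being enabled for a package that is not on an expected list. The `allowedPackages` allowlist and the `PinningTriage` type are assumptions for the example.

```kotlin
import android.accessibilityservice.AccessibilityServiceInfo
import android.app.ActivityManager
import android.content.Context
import android.view.accessibility.AccessibilityManager

// Hypothetical triage result for an endpoint-security agent or analyst tool.
data class PinningTriage(
    val lockTaskState: Int,
    val screenPinned: Boolean,
    val enabledAccessibilityPackages: List<String>,
    val unexpectedAccessibilityPackages: List<String>,
    val suspicious: Boolean,
)

// allowedPackages: packages whose Accessibility services are expected on this
// device (e.g. the platform screen reader); anything else is flagged.
fun triageScreenPinning(context: Context, allowedPackages: Set<String>): PinningTriage {
    val am = context.getSystemService(Context.ACTIVITY_SERVICE) as ActivityManager

    // LOCK_TASK_MODE_PINNED is the user-facing "screen pinning" state, which an
    // app holding Accessibility can drive through the system UI dialogs.
    // LOCK_TASK_MODE_LOCKED requires device-owner rights and is a different case.
    val state = am.lockTaskModeState
    val pinned = state == ActivityManager.LOCK_TASK_MODE_PINNED

    val accMgr = context.getSystemService(Context.ACCESSIBILITY_SERVICE) as AccessibilityManager
    val enabled = accMgr
        .getEnabledAccessibilityServiceList(AccessibilityServiceInfo.FEEDBACK_ALL_MASK)
        .map { it.resolveInfo.serviceInfo.packageName }
        .distinct()

    val unexpected = enabled.filterNot { it in allowedPackages }

    // The combination the article describes: the device is pinned to a task
    // while an unexpected package holds Accessibility. Either alone is common
    // and benign; together they warrant a closer look at the pinned app.
    return PinningTriage(
        lockTaskState = state,
        screenPinned = pinned,
        enabledAccessibilityPackages = enabled,
        unexpectedAccessibilityPackages = unexpected,
        suspicious = pinned && unexpected.isNotEmpty(),
    )
}
```

    Because a pinned task keeps the user from leaving it, this check is most useful from a background agent or after the device has been unpinned, and the unexpected package list should then be compared against the app list the user recognizes.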

    While PromptSpy's use of generative AI is novel, its primary functionality as spyware remains unchanged. The malware's ability to adapt and modify its behavior using this technology makes it a formidable threat in the world of Android malware.

    According to Lukas Stefanko, an ESET researcher who discovered PromptSpy, "Even though PromptSpy uses Gemini in just one of its features, it still demonstrates how incorporating these AI tools can make malware more dynamic, giving threat actors ways to automate actions that would normally be more difficult with traditional scripting."

    It is also worth noting that the distribution of PromptSpy appears to be limited, but its existence highlights the growing trend of threat actors using generative AI to support various stages of their attacks. In recent months, Google Threat Intelligence reported that state-sponsored hackers are also utilizing Google's Gemini AI model to carry out reconnaissance and post-compromise actions.

    As the use of generative AI in malware continues to expand, it is essential for Android users and security professionals alike to remain vigilant and stay informed about emerging threats like PromptSpy. By understanding how these technologies work and staying up-to-date on the latest developments in the world of Android malware, we can better equip ourselves to protect against such sophisticated threats.




    Related Information:
  • https://www.ethicalhackingnews.com/articles/Android-Malware-Utilizes-Generative-AI-to-Evoke-Persistence-Across-Devices-ehn.shtml

  • Published: Thu Feb 19 19:08:49 2026 by llama3.2 3B Q4_K_M
