https://t3n.de/news/promptspy-malware-gemini-ki-android-1730608/ #Cybercrime #Malware #Promptspy #Android #KI #GoogleGemini
"ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine learning has been used to similar ends already – just recently, researchers at Dr.WEB found Android.Phantom, which uses TensorFlow machine learning models to analyze advertisement screenshots and automatically click on detected elements for large scale ad fraud – this is the first time we have seen generative AI deployed in this manner. Because the attackers rely on prompting an AI model (in this instance, Google’s Gemini) to guide malicious UI manipulation, we have named this family PromptSpy. This is the second AI powered malware we have discovered – following PromptLock in August 2025, the first known case of AI-driven ransomware.
While generative AI is deployed only in a relatively minor part of PromptSpy's code – that responsible for achieving persistence – it still has a significant impact on the malware's adaptability. Specifically, Gemini is used to analyze the current screen and provide PromptSpy with step-by-step instructions on how to ensure the malicious app remains pinned in the recent apps list, thus preventing it from being easily swiped away or killed by the system. The AI model and prompt are predefined in the code and cannot be changed. Since Android malware often relies on UI navigation, leveraging generative AI enables the threat actors to adapt to more or less any device, layout, or OS version, which can greatly expand the pool of potential victims.
The main purpose of PromptSpy is to deploy a built-in VNC module, giving operators remote access to the victim’s device. This Android malware also abuses the Accessibility Service to block uninstallation with invisible overlays, captures lockscreen data, records video. It communicates with its C&C server via the VNC protocol, using AES encryption."
https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/
#CyberSecurity #PromptSpy #AI #GenerativeAI #Android #Malware
Android Malware Leverages Google Gemini for Adaptive Operations
PromptSpy, a new Android malware, uses Google Gemini AI to adapt and steal sensitive data like PINs and passwords. Learn how it affects your phone.
#PromptSpy, #AndroidMalware, #GoogleGemini, #CyberSecurity, #DataTheft
https://newsletter.tf/android-malware-promptspy-uses-gemini-ai/
New Android malware called PromptSpy uses Google Gemini AI to change its behavior and steal your data. This is the first time AI has been used this way in malware.
#PromptSpy, #AndroidMalware, #GoogleGemini, #CyberSecurity, #DataTheft
https://newsletter.tf/android-malware-promptspy-uses-gemini-ai/
CYBERCRIME QUIZ WEEK 8 - TEST YOUR KNOWLEDGE!
PromptSpy, ClickFix, 600 hacked firewalls and a smooth-talk scam in Breda. Do you know it all? Test it in 20 questions!
https://www.ccinfo.nl/menu-onderwijs-ontwikkeling/leerplek/quiz-08-2026
#cybercrime #quiz #cybersecurity #PromptSpy #ransomware #Nederland
New type of Android #malware #PromptSpy abuses #Gemini to stay active on victim devices | iThome
https://www.ithome.com.tw/news/174001
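》Hackers also use the #AccessibilityService to keep victims from removing or disabling the malware. Specifically, they place transparent overlays over particular areas of the screen: the interface the user sees looks the same as in an ordinary app, but pressing buttons such as "Uninstall" or "Force stop" will not carry out those actions.
Using accessibility features is already painful enough, and this malware maliciously exploits accessibility on top of that. Disgusting.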
NB406: PROMPTSPY HIJACKS YOUR ANDROID AND 90% OF RANSOMWARE VIA YOUR FIREWALL
ClickFix in four variants, PromptSpy infects Android via Gemini AI, the Odido soap opera grows, cepezed hacked and 90% of ransomware starts at your firewall.
#Nieuwsbrief #ccinfo #cybersecurity #PromptSpy #ClickFix #ransomware #Nederland
#PromptSpy is the first known #Android #malware to use generative #AI at runtime
🚨 The Cyber Mind Weekly Brief is live! Dive into the first Gen-AI embedded Android malware (PromptSpy), the BeyondTrust zero-day ransomware surge, & why defenders must become "Architects" of their infrastructure.
Read Here:
https://thecybermind.co/?p=7902
#Cybersecurity #PromptSpy #ZeroDay