CYBER

PromptSpy ushers in the era of Android threats using GenAI


Exclusive: PromptSpy malware abuses Google's Gemini to take control of Android phones

A new kind of Android malware has arrived, and it turns a generative AI model into part of the attack. ESET researchers have documented PromptSpy, the first known Android malware to use generative AI in its attack chain. This is not a data breach and the malware is not "intelligent" on its own; what it does is send screenshots of the device to Google's Gemini and act on the model's answers to navigate the phone's UI in real time. AI-assisted mobile malware is no longer theoretical.

The malware's core function is remote access: it deploys a VNC module that gives the operator control of the device. The AI is used for persistence. PromptSpy sends a screenshot of the device's current UI to Gemini together with a pre-defined prompt, and the model returns step-by-step navigation instructions that the malware follows to lock itself in the recent-apps list, so the victim cannot swipe it away. Because the navigation steps are worked out on the device at run time rather than hard-coded, one sample works across layouts and Android versions that the author never enumerated. That weakens, but does not retire, signature-based detection: the VNC module, the fixed prompt template and the calls to the model API are still static artifacts of the app, even if its on-screen behaviour varies.
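As an added example (not ESET's code and not anything recovered from PromptSpy), the following Python script shows the static side of the threat that stays detectable: a pre-defined prompt, a model API endpoint and a VNC module are fixed strings in the package no matter how the model steers the UI. The sample strings are constructed. The Gemini REST hostname and the Google API key format (`AIza` followed by 35 characters) are assumptions about how such an app would reach the model, the accessibility-service permission is a guess at how it drives the UI, and the `RFB` version string is the standard VNC handshake.

```python
"""Static string triage for indicators of LLM-guided UI automation in an APK.

Added example, not from ESET or the PromptSpy sample. Feed it the output of
`strings classes.dex` or an apktool dump; the lists below are constructed
stand-ins for that output.
"""
import re
from typing import Dict, List

# Constructed: strings a harmless weather app might contain.
BENIGN_STRINGS = [
    "WeatherNow",
    "https://api.weathernow.example/v1/forecast",
    "android.permission.INTERNET",
    "android.permission.ACCESS_COARSE_LOCATION",
    "Pull down to refresh",
]

# Constructed: strings an app following the pattern in the article might
# contain. The key is a hypothetical placeholder in the AIza + 35 char shape.
SUSPECT_STRINGS = [
    "https://generativelanguage.googleapis.com/v1beta/models/gemini-pro:generateContent",
    "AIzaSyD-EXAMPLE_KEY_0123456789abcdefghi",
    "Here is a screenshot of the current Android screen. Return step-by-step "
    "instructions to lock this app in the recent apps list.",
    "android.permission.BIND_ACCESSIBILITY_SERVICE",  # assumed UI-driving mechanism
    "RFB 003.008\n",  # VNC protocol version handshake
]

INDICATORS = {
    # Assumed: the app talks to the public Gemini REST API directly.
    "gemini_endpoint": re.compile(r"generativelanguage\.googleapis\.com"),
    # Google API keys are "AIza" plus 35 URL-safe characters.
    "google_api_key": re.compile(r"\bAIza[0-9A-Za-z_-]{35}\b"),
    # A prompt that hands the model a screen image and asks for UI actions.
    "ui_navigation_prompt": re.compile(
        r"screen(shot)?.{0,80}?(step[- ]by[- ]step|instructions|tap|swipe)",
        re.I | re.S,
    ),
    # Assumed: accessibility service used to perform the returned taps.
    "accessibility_service": re.compile(r"BIND_ACCESSIBILITY_SERVICE"),
    # RFB "NNN.NNN" version string sent at the start of every VNC session.
    "vnc_handshake": re.compile(r"\bRFB \d{3}\.\d{3}\b"),
}


def triage(strings: List[str]) -> Dict[str, List[str]]:
    """Return {indicator_name: [matching strings]} for each indicator that fires."""
    hits: Dict[str, List[str]] = {}
    for s in strings:
        for name, pattern in INDICATORS.items():
            if pattern.search(s):
                hits.setdefault(name, []).append(s)
    return hits


def verdict(hits: Dict[str, List[str]]) -> str:
    """Model endpoint plus a UI-navigation prompt is the combination described in
    the article; either alone is common in legitimate software (AI assistants,
    QA automation), so it only earns a manual review."""
    if "gemini_endpoint" in hits and "ui_navigation_prompt" in hits:
        return "llm-guided-automation"
    if hits:
        return "review"
    return "clean"


if __name__ == "__main__":
    for label, strings in (("benign", BENIGN_STRINGS), ("suspect", SUSPECT_STRINGS)):
        hits = triage(strings)
        print(f"{label}: {verdict(hits)} {sorted(hits)}")
```

The point of `verdict` is that none of these strings is malicious on its own; it is the co-occurrence of a model endpoint with a prompt asking for screen navigation that matches the behaviour described above, and that pairing is what a rule should key on.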

"This is a paradigm shift in mobile malware," revealed a senior ESET threat analyst who worked on the discovery. "By outsourcing UI analysis to a generative AI model, the attackers create a single piece of malware that can automatically adapt to thousands of different device layouts and Android versions. It dramatically scales their operational efficiency." This follows the discovery of PromptLock in 2025, marking a clear trend toward AI-driven ransomware and remote access tools.

For Android users this is a serious threat. The distribution method has not been confirmed; malware of this kind usually arrives through phishing that tricks the user into sideloading a malicious app. Once installed, it can apply the same screenshot-and-prompt loop to navigate past the permission and security dialogs Android puts in its way. The consequences follow from the VNC access: an operator who controls the unlocked device can operate wallet and banking apps as the victim. No blockchain protocol has to be broken for crypto to be drained when the attacker controls the phone that approves the transaction.

We predict a flood of copycat campaigns within months, as this technique becomes a standard tool for state-sponsored and criminal hackers alike. The fusion of large language models with malware is the ultimate force multiplier in cybercrime.

Your smartphone just got a lot smarter, and now so have the criminals targeting it.
