This is the first malware for Android that uses generative AI
Cybersecurity researchers have identified the first malware for Android that uses generative artificial intelligence, called PromptSpy.
This malicious program, which leverages Google’s Gemini technology, can capture data from the lock screen, block uninstallation attempts, and collect device information, in addition to taking screenshots and recording activity as video.
Do not download anything unsafe
PromptSpy is distributed through a dedicated website and has never been available on Google Play, suggesting that this malware campaign is targeted at users in Argentina. According to the analysis, there is evidence pointing to its development originating from a Chinese-speaking environment, as simplified Chinese debugging strings have been found.
PromptSpy's operation is based on Gemini, which the malware uses to analyze the current screen and obtain detailed instructions for keeping the malicious application active in the recent apps list. It does this through accessibility services, and as a result users are forced to restart the device in safe mode to uninstall the program. The malware communicates with a command and control server, giving attackers remote access to the victim’s device.
ESET researchers, who made the discovery, point out that PromptSpy represents a significant evolution of Android malware, using generative AI that allows it to adapt to different devices and operating system versions. This approach not only facilitates a more dynamic interaction but also makes the malware harder for users to remove.
View all posts by Chema Carvajal Sarabia