A new Android malware named PromptSpy has been discovered by cybersecurity researchers. It is being described as the first known Android malware to use generative AI while running on a device. This marks a significant change in how mobile threats are being developed. Instead of relying only on fixed code, this malware can make decisions dynamically.

The threat was identified by researchers at ESET, who published a detailed technical analysis of its behavior. According to their findings, PromptSpy interacts with Google’s Gemini generative AI model during execution. This allows it to receive responses from the AI and adjust its actions accordingly. It represents a new stage in the evolution of Android malware.
Unlike traditional malware that follows pre-written scripts, PromptSpy sends screen information to Gemini and waits for instructions. The AI then provides guidance on how to interact with on-screen elements. This makes the malware more flexible across different Android devices. It can adapt to various interface designs instead of failing on unfamiliar layouts.
One of the malware’s main goals is persistence, meaning it tries to remain active even after a reboot. It attempts to keep itself in the recent apps list so that the system does not easily terminate it. Since different manufacturers design this feature differently, fixed commands may not work. By using AI, PromptSpy figures out the correct steps for each specific device.
PromptSpy also includes a Virtual Network Computing (VNC) module. This feature allows attackers to remotely view and control the infected device. Through this access, they can monitor user activity and interact with the phone in real time. It also abuses Android’s Accessibility Services to gain deeper control.
The malware is capable of collecting various types of sensitive data. This includes device information, installed applications, screenshots, lock screen credentials, and even recorded video of user interactions. It encrypts communication with its command-and-control server to avoid detection. These capabilities show that it functions as a full-featured spyware tool.
To make removal difficult, PromptSpy uses invisible overlays on important system buttons. For example, it can block the “Uninstall” or “Stop” buttons by placing hidden layers over them. This prevents users from easily disabling the malicious app. Researchers say the safest removal method is rebooting the device into Safe Mode.
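The combination described above (an enabled accessibility service plus permission to draw overlays on top of other apps) is a useful triage signal. The following helper is an added example, not code from the ESET analysis or from the malware: it correlates three pieces of device state that an analyst would normally collect with `adb shell settings get secure enabled_accessibility_services`, `adb shell cmd appops query-op SYSTEM_ALERT_WINDOW allow` and `adb shell pm list packages -3`, and flags third-party packages that hold both capabilities. The sample outputs embedded below are constructed, and the `appops` output format (one package per line) is an assumption.

```python
# Triage helper: flag third-party packages that both run an enabled
# accessibility service and are allowed to draw overlays (SYSTEM_ALERT_WINDOW).
# All sample inputs are CONSTRUCTED stand-ins for 'adb shell' output.

# 'settings get secure enabled_accessibility_services': colon-separated
# "package/ServiceClass" entries (constructed sample).
ENABLED_A11Y = (
    "com.google.android.marvin.talkback/.TalkBackService:"
    "com.example.cleaner/.HelperService"
)

# 'cmd appops query-op SYSTEM_ALERT_WINDOW allow' (assumed: one package per line).
OVERLAY_ALLOWED = """com.android.systemui
com.example.cleaner
com.example.messenger
"""

# 'pm list packages -3' (third-party packages only).
THIRD_PARTY = """package:com.example.cleaner
package:com.example.messenger
package:com.example.notes
"""


def parse_a11y(setting: str) -> set[str]:
    """Return the package names that have an enabled accessibility service."""
    return {entry.split("/", 1)[0] for entry in setting.split(":") if entry}


def parse_appops(output: str) -> set[str]:
    """Return the package names listed by 'appops query-op ... allow'."""
    return {line.strip() for line in output.splitlines() if line.strip()}


def parse_pm_list(output: str) -> set[str]:
    """Return package names from 'pm list packages' output."""
    return {line.strip()[len("package:"):]
            for line in output.splitlines() if line.startswith("package:")}


def suspicious_packages(a11y: str, overlay: str, third_party: str) -> list[str]:
    """Third-party packages holding both accessibility and overlay capability."""
    return sorted(parse_a11y(a11y) & parse_appops(overlay) & parse_pm_list(third_party))


if __name__ == "__main__":
    for pkg in suspicious_packages(ENABLED_A11Y, OVERLAY_ALLOWED, THIRD_PARTY):
        print("review:", pkg)  # prints "review: com.example.cleaner"
```

A hit is a starting point for review, not proof of compromise: legitimate assistive apps can legitimately hold both capabilities, so compare each flagged package against what the user knowingly installed.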
So far, researchers have not observed widespread infections in their telemetry data. However, the discovery shows that cybercriminals are experimenting with generative AI in real-world malware. This is the first confirmed case of AI being directly integrated into Android malware operations. Experts believe this could signal a future trend of smarter and more adaptive mobile threats.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news