Joe Maring / Android Authority
TL;DR Researchers have identified the first known Android malware to use generative AI during execution.
The malware queries Google’s Gemini model to adapt its behavior across different Android devices.
It may be a proof-of-concept version, but it signals a shift toward more dynamic AI-assisted attacks.
It’s been a worrying week on the Android malware front. On Tuesday, we learned of tablets shipping with hidden malware already embedded in their firmware. Now, researchers say they’ve spotted something arguably more futuristic: Android malware that uses Google’s own Gemini AI model during execution.
According to a report highlighted by BleepingComputer, ESET researchers have uncovered a new Android malware family dubbed PromptSpy. Unlike traditional malware that relies entirely on hardcoded instructions, this strain queries Google’s Gemini generative AI model at runtime to help it carry out part of its behavior. In this case, the malware sends Gemini information about what’s currently visible on the infected device’s screen and asks for guidance on what to do next. That allows it to adapt to differences between Android devices and interfaces, rather than relying on a rigid script that might only work on certain models.
Don’t want to miss the best from Android Authority? Set us as a favorite source in Google Discover to never miss our latest exclusive reports, expert analysis, and much more.
to never miss our latest exclusive reports, expert analysis, and much more. You can also set us as a preferred source in Google Search by clicking the button below.
ESET says this is the first known example of Android malware integrating generative AI directly into its execution flow. While the AI component is used for only one feature in this example, it shows how attackers can leverage publicly available AI tools to make malware more flexible and harder to design against.
Beyond the disturbing AI development, PromptSpy functions as spyware. It reportedly includes a built-in remote access module and can collect information such as installed apps and lockscreen credentials once it gains the necessary permissions. It also attempts to make removal more difficult by interfering with efforts to disable it.
... continue reading