
Netcrook


AI Security & Agentic Systems

AI on the Offense: PromptSpy Malware Hijacks Androids with Google Gemini Brainpower

Published: 20 February 2026 07:31 | Category: AI Security & Agentic Systems | Geo: South America | Author: LOGICFALCON

Subtitle: In a chilling cybercrime first, hackers weaponize generative AI for real-time control and stealth on Android devices.

Picture this: you close a suspicious app on your Android phone, but it seems to magically stay alive, dodging every attempt to uninstall or silence it. Behind this digital sleight of hand lies PromptSpy, a groundbreaking new malware that doesn’t just follow orders, it thinks on its feet, using Google’s Gemini AI to outmaneuver its victims and defenders alike.

Fast Facts

  • First of its kind: PromptSpy is the first known Android malware to leverage generative AI (Google Gemini) for real-time decision-making.
  • Stealthy persistence: Instead of stealing data upfront, the malware uses AI to manipulate the user interface and resist removal.
  • Remote control: Attackers can view and control infected devices live, capturing credentials and screen activity.
  • Banking fraud angle: Distribution campaigns mimic Spanish-language banking sites, primarily targeting users in Argentina.
  • Chinese origins: Technical clues suggest development in a Chinese-speaking environment, despite Latin American targeting.

How PromptSpy’s AI Makes It Unstoppable

Traditional Android malware often stumbles when faced with the diversity of user interfaces and phone brands. PromptSpy shatters these limitations by outsourcing its “thinking” to Google Gemini. Here’s how it works: the malware captures a snapshot of your screen (every button, label, and menu), then sends this data, along with a natural-language prompt, straight to Gemini. The AI responds with precise instructions, such as where to tap or swipe, to keep the malicious app alive, even if you try to close or uninstall it.

This AI-powered feedback loop makes PromptSpy nearly universal. It doesn’t rely on hardcoded coordinates or fragile selectors; Gemini interprets the screen context and adapts on the fly. The malware exploits Android’s Accessibility Service to execute these gestures, locks itself in the Recent Apps list, and even overlays invisible rectangles to block your taps on “Uninstall” or “Stop.” The only reliable way out? Reboot in Safe Mode and surgically remove it from system settings.
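The combination the article describes (an Accessibility Service binding, an overlay permission, network access, and a generative-AI backend that is asked where to tap) can be turned into a static triage check. The following is an added example, not ESET's or Netcrook's code and not derived from the real sample: it runs over a constructed manifest and constructed string dump, assumes the Gemini REST hostname as the AI indicator (the article does not name an endpoint), and uses a made-up prompt-text heuristic.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample manifest (not the real PromptSpy sample): requests an
# Accessibility Service binding plus overlay and network permissions.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <application>
    <service android:name=".Svc"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

# Constructed strings as a `strings`/apktool pass over the same hypothetical APK might yield.
SAMPLE_STRINGS = [
    "https://generativelanguage.googleapis.com/v1beta/models",
    "You are an assistant. Decide where to tap to keep the app open.",
]

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Assumption: the Gemini REST host is the AI-backend indicator worth flagging.
AI_API_HOSTS = ("generativelanguage.googleapis.com",)
# Assumption: prompt text that asks for UI gestures is a red flag (heuristic, not a signature).
PROMPT_HINT = re.compile(r"\b(tap|swipe|click)\b.*\b(screen|button|app)\b", re.I)

def triage(manifest_xml: str, strings: list[str]) -> dict:
    """Report which PromptSpy-style indicators an APK exhibits, with a simple score."""
    root = ET.fromstring(manifest_xml)
    perms = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    svc_perms = {e.get(ANDROID + "permission") for e in root.iter("service")}
    findings = {
        "accessibility_service": "android.permission.BIND_ACCESSIBILITY_SERVICE" in svc_perms,
        "overlay_permission": "android.permission.SYSTEM_ALERT_WINDOW" in perms,
        "network": "android.permission.INTERNET" in perms,
        "ai_api_host": any(h in s for s in strings for h in AI_API_HOSTS),
        "ui_control_prompt": any(PROMPT_HINT.search(s) for s in strings),
    }
    findings["score"] = sum(findings.values())
    # Accessibility control driven by an AI backend is the pairing the article warns about.
    findings["verdict"] = ("suspicious" if findings["accessibility_service"]
                           and findings["ai_api_host"] else "review")
    return findings
```

A real triage would run this over the decoded AndroidManifest.xml and the app's string table, and treat a "suspicious" verdict as a prompt for dynamic analysis rather than a conviction.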

But PromptSpy isn’t just a ghost that won’t leave. Once installed, it transforms your phone into a puppet: attackers can watch your screen, simulate touches, record videos, steal lockscreen credentials, and report back to a remote server, all protected by AES encryption. The campaign’s infrastructure mimics “MorganArg,” a bogus banking brand designed to lure Spanish-speaking victims, mainly in Argentina. Earlier, related malware samples surfaced in Hong Kong, hinting at global ambitions and a Chinese development base.

Although PromptSpy hasn’t appeared in large-scale attacks yet, ESET researchers warn that its AI-centric persistence marks a dangerous evolution in mobile threats. With Google Play Protect now detecting known variants, only those with sideloaded apps or disabled protections remain at high risk.

Reflections: The Dawn of AI-Driven Malware

PromptSpy is more than a technical curiosity; it’s a warning shot for the future of cybercrime. As generative AI becomes a plaything for attackers, defenders must anticipate malware that adapts, learns, and resists with unprecedented cunning. The line between human and machine ingenuity on the digital battlefield just got a lot blurrier.

WIKICROOK

  • Generative AI: Generative AI is artificial intelligence that creates new content, such as text, images, or audio, often mimicking human creativity and style.
  • Accessibility Service: An Accessibility Service is an Android feature that assists users with disabilities, but can be misused by malware to control device functions.
  • VNC (Virtual Network Computing): VNC (Virtual Network Computing) lets users remotely view and control another computer’s screen in real time over a network or the internet.
  • AES Encryption: AES Encryption is a powerful method for converting data into a secure format, ensuring only authorized parties can access the original information.
  • Command: A command is an instruction sent to a device or software, often by a C2 server, directing it to perform specific actions, sometimes for malicious purposes.