Google has uncovered PROMPTFLUX, an experimental VBScript malware that uses AI-driven self-modification to evade detection and establish persistence. Threat actors globally are increasingly leveraging large language models like Gemini to develop sophisticated, adaptive cyber tools for espionage, data theft, and malware development.
Key points
- PROMPTFLUX is a VBScript malware that interacts with the Gemini AI model API for obfuscation and evasion.
- The malware periodically queries the AI to regenerate and upgrade its own source code for better stealth.
- Various threat actors, including nation-states, are abusing Gemini for reconnaissance, phishing, and malware creation.
- Malicious use cases include reverse shells, ransomware, credential stealers, and code obfuscation tools powered by AI.
- Google predicts AI will become a standard tool for threat actors to scale and accelerate cyberattacks.
Read More: https://thehackernews.com/2025/11/google-uncovers-promptflux-malware-that.html