PromptSpy is the first known Android malware to use generative AI at runtime

PromptSpy is the first known Android malware to integrate generative AI into its execution flow, using Google’s Gemini model to generate device-specific UI instructions that help it pin itself in Recent Apps and persist there. The spyware also includes a VNC module for full remote access, can capture PINs and screen activity, and uses invisible overlays to block uninstallation.

Key points

  • PromptSpy is the first Android malware observed to use a generative AI model (Google Gemini) during runtime.
  • The malware sends an XML dump of the screen to Gemini and receives JSON-formatted UI actions to pin the app for persistence.
  • It abuses Android’s Accessibility Service to execute AI-generated actions and loops until the app is locked in Recent Apps.
  • PromptSpy contains a VNC module that grants remote screen control, and it can capture PINs, record unlock patterns, take screenshots, and log user gestures.
  • Removal is hindered by invisible overlay buttons, so booting into Safe Mode is required; samples were found on VirusTotal, and distribution may have used domains impersonating JPMorgan Chase.

Read More: https://www.bleepingcomputer.com/news/security/promptspy-is-the-first-known-android-malware-to-use-generative-ai-at-runtime/