Android malware uses Google’s own Gemini AI to adapt in real time
Key Points:
- Researchers from ESET have identified the first known Android malware, named PromptSpy, that uses Google's Gemini generative AI model during execution to adapt its behavior based on the infected device's screen content.
- PromptSpy functions as spyware with remote access capabilities, collecting sensitive information such as installed apps and lockscreen credentials, and it resists removal by interfering with attempts to disable it.
- Although the malware's active spread remains unclear and may be limited to a proof-of-concept stage, its use of generative AI signals a new, more dynamic approach to malware design that leverages AI to evade traditional defenses.
- Google has confirmed that no apps containing this malware are currently found on Google Play and assured that Android users are protected by Google Play Protect, which can detect