PromptSpy Android Malware Abuses Gemini AI for Advanced Persistence

Cybersecurity researchers at ESET have uncovered what they describe as the first Android malware to abuse Gemini as part of its execution chain to achieve persistence on compromised devices.

The malware, dubbed PromptSpy, leverages Gemini to dynamically analyze the device’s user interface and automate actions that help it remain active. By embedding a hard-coded AI model reference and prompt, the malware assigns Gemini the persona of an “Android automation assistant.”

At runtime, PromptSpy sends Gemini a natural language prompt along with an XML dump of the current screen. This XML file contains granular details about visible UI elements, including their text, type, and screen position. Gemini processes the information and responds with structured JSON instructions, directing the malware where to tap or swipe. Through repeated interactions, PromptSpy ensures it remains pinned in the recent apps list, making it harder for users to swipe away or terminate the malicious app.

According to ESET researcher Lukáš Štefanko, the use of generative AI enables the malware to adapt across devices, layouts, and Android OS versions. Since Android malware often depends on UI navigation, this approach significantly broadens the potential victim pool by eliminating the need for hard-coded screen coordinates.

PromptSpy abuses Android’s Accessibility Services to execute Gemini’s recommended gestures without user interaction. It also saves prior prompts and AI responses, enabling context-aware, multi-step coordination to complete persistence tasks.
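The traits described above (an accessibility-service declaration, a hard-coded generative-AI model reference, and a persona-style automation prompt) can be turned into a static triage heuristic. The following is an added example written for this article, not ESET's tooling or the malware's own code; the manifest and string table are constructed, the Gemini model name is a placeholder, and the prompt regexes are assumptions about what such a prompt might contain.

```python
"""Static triage heuristic for the PromptSpy pattern: score how many of the
article's three traits co-occur in a decoded APK (constructed example)."""
import re

# Real Android permission/action names used by accessibility services.
ACCESSIBILITY_MARKERS = (
    "android.permission.BIND_ACCESSIBILITY_SERVICE",
    "android.accessibilityservice.AccessibilityService",
)
# Gemini API host is real; the model-name regex is an assumption.
GENAI_API_PATTERNS = (
    re.compile(r"generativelanguage\.googleapis\.com"),
    re.compile(r"\bmodels/gemini[\w.-]*", re.I),
)
# Assumed phrasing of an "automation assistant" persona prompt.
PROMPT_PATTERNS = (
    re.compile(r"automation assistant", re.I),
    re.compile(r"respond (only )?(with|in) json", re.I),
)

def triage(manifest: str, strings: list[str]) -> dict:
    """Return which traits were found plus a 0-3 score; 3 = all traits present."""
    blob = "\n".join(strings)
    found = {
        "accessibility_service": any(m in manifest for m in ACCESSIBILITY_MARKERS),
        "genai_api_reference": any(p.search(blob) for p in GENAI_API_PATTERNS),
        "automation_prompt": any(p.search(blob) for p in PROMPT_PATTERNS),
    }
    score = sum(1 for hit in found.values() if hit)
    return {**found, "score": score}

# Constructed sample inputs (not real PromptSpy artifacts).
SUSPICIOUS_MANIFEST = """<manifest package="com.example.constructed.sample">
  <service android:name=".UiService"
           android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
    <intent-filter>
      <action android:name="android.accessibilityservice.AccessibilityService"/>
    </intent-filter>
  </service>
</manifest>"""
SUSPICIOUS_STRINGS = [
    "https://generativelanguage.googleapis.com/v1beta/models/gemini-PLACEHOLDER:generateContent",
    "You are an Android automation assistant. Given the screen XML, respond only with JSON.",
    "action", "tap", "swipe", "x", "y",
]
BENIGN_STRINGS = ["Welcome back", "https://example.com/api/v1/sync", "Settings"]

if __name__ == "__main__":
    print(triage(SUSPICIOUS_MANIFEST, SUSPICIOUS_STRINGS))  # score 3
    print(triage("<manifest/>", BENIGN_STRINGS))            # score 0
```

A score of 3 is a triage signal for analyst review, not a verdict: legitimate accessibility or assistant apps can share individual traits.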

Beyond persistence, the malware is designed for remote surveillance and control. It deploys a built-in VNC module that communicates with a hard-coded command-and-control (C2) server via the VNC protocol, granting attackers full remote access to the infected device.

By combining AI-driven UI automation with accessibility abuse and remote-control functionality, PromptSpy marks a new stage in the evolution of Android malware: it integrates generative AI directly into its operational workflow to improve adaptability and persistence.
