Android Malware Leverages Generative AI for Runtime Attacks: PromptSpy Sets New Threat Landscape
Researchers Discover New Android Malware Family “PromptSpy” That Utilizes AI
Researchers have identified a new Android malware family, dubbed PromptSpy, which leverages generative AI to adapt its persistence mechanisms across different devices. This malware is the first known instance of Android malware integrating AI directly into its execution flow.
How PromptSpy Works
PromptSpy utilizes Google’s Gemini model to overcome the challenge of varying app-locking methods across different Android manufacturers. The malware sends a chat prompt together with an XML dump of the current screen to Gemini, which responds with JSON-formatted instructions describing how to pin the app on that particular device. The malware then executes these instructions through Android’s Accessibility Service, ensuring the app remains locked in the recent apps list.
Primary Function and Capabilities
While the use of AI in this context is novel, PromptSpy’s primary function is to act as spyware. The malware features a built-in VNC module, allowing threat actors to gain full remote access to devices on which the Accessibility permission has been granted. This access enables the threat actors to:
- Upload a list of installed apps
- Intercept lockscreen PINs or passwords
- Record the pattern unlock screen as a video
- Capture screenshots on demand
- Record screen activity and user gestures
- Report the current foreground application and screen status
Removal and Distribution
To hinder removal, PromptSpy overlays invisible rectangles over UI buttons, blocking users from uninstalling the app or revoking Accessibility permissions. Victims must reboot into Android Safe Mode to disable third-party apps and remove the malware.
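Because every capability described above, from reading the screen XML to pinning the app and blocking the uninstall buttons, depends on the malware holding Accessibility Service access, the most useful triage step on a suspect device is to list which third-party apps have an accessibility service enabled. The script below is an added example (not code from the article or from ESET). It parses the output of two real adb commands, `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -3`, captured here as constructed sample strings so it runs offline; the package name `com.example.sysupdate` and the allowlist of expected accessibility tools are assumptions to adapt to your own fleet.

```python
"""Triage helper: flag third-party apps holding Android Accessibility Service access.

Added example, not code from the article or from ESET. Input is the text that
`adb shell settings get secure enabled_accessibility_services` and
`adb shell pm list packages -3` print; both samples below are constructed.
"""
from __future__ import annotations

from dataclasses import dataclass

# Constructed sample of `settings get secure enabled_accessibility_services`.
# Android separates entries with ':' and writes each as <package>/<service class>;
# the value is the literal string "null" when no service is enabled.
SAMPLE_ENABLED_SERVICES = (
    "com.google.android.marvin.talkback/com.google.android.marvin.talkback.TalkBackService:"
    "com.example.sysupdate/.AccService"  # assumed suspicious package name
)

# Constructed sample of `pm list packages -3` (third-party packages only).
SAMPLE_THIRD_PARTY = """package:com.example.sysupdate
package:org.mozilla.firefox
package:com.google.android.marvin.talkback
"""

# Assumed allowlist: accessibility tools you expect to see on managed devices.
ALLOWLIST = {
    "com.google.android.marvin.talkback",
}


@dataclass(frozen=True)
class Finding:
    package: str
    service: str
    reason: str


def parse_enabled_services(raw: str) -> list[tuple[str, str]]:
    """Split the settings value into (package, service) pairs.

    A relative class name such as '.AccService' is expanded with its package."""
    pairs: list[tuple[str, str]] = []
    for entry in raw.strip().split(":"):
        if not entry or "/" not in entry:
            continue  # covers "null" and empty segments
        pkg, svc = entry.split("/", 1)
        if svc.startswith("."):
            svc = pkg + svc
        pairs.append((pkg, svc))
    return pairs


def parse_third_party(raw: str) -> set[str]:
    """Collect package names from `pm list packages -3` output."""
    return {
        line[len("package:"):].strip()
        for line in raw.splitlines()
        if line.startswith("package:")
    }


def audit(enabled_raw: str, third_party_raw: str, allowlist: set[str]) -> list[Finding]:
    """Return enabled accessibility services that belong to third-party apps
    not on the allowlist. Spyware of the PromptSpy kind needs exactly this
    permission to read screens, inject input and keep its overlays in place."""
    third_party = parse_third_party(third_party_raw)
    findings: list[Finding] = []
    for pkg, svc in parse_enabled_services(enabled_raw):
        if pkg in allowlist:
            continue
        if pkg in third_party:
            findings.append(Finding(pkg, svc, "third-party app with accessibility access"))
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_ENABLED_SERVICES, SAMPLE_THIRD_PARTY, ALLOWLIST):
        print(f"[!] {f.package} ({f.service}): {f.reason}")
```

Run it against real device output by piping the two adb commands into the parser functions instead of the sample strings. If a flagged app cannot be uninstalled or have its accessibility access revoked through the normal settings screens, that matches the overlay behaviour described above, and the article's advice applies: reboot into Safe Mode, where third-party apps are disabled, and remove it from there.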
Although the distribution of PromptSpy appears limited, its use of generative AI demonstrates how threat actors are adapting their tactics to create more dynamic and resilient malware. The discovery of this malware highlights the need for continued vigilance in the face of evolving threats.
It is unclear whether PromptSpy is a proof-of-concept or actively used malware, as ESET has not observed it in its telemetry. However, the presence of a dedicated domain used for distribution suggests that it may have been used in the wild.
