Android malware taps Gemini to navigate infected devices • The Register
https://www.theregister.com/2026/02/19/genai_malware_android/
Publish Date: 2026-02-19 11:04:00
Source Domain: www.theregister.com
Cybersecurity researchers say they’ve spotted the first Android malware strain that uses generative AI to improve performance once installed. But it may be only a proof of concept.
ESET calls it PromptSpy, malware whose primary goal is to deploy a VNC module that hands hackers remote control of infected devices.
The Slovak security shop’s experts said PromptSpy comes with capabilities to instruct Google’s Gemini chatbot to interpret parts of the device’s user interface using natural language prompts.
The model's answers tell the malware what is currently on screen and which gestures to perform so that the malicious app stays pinned in the device's recent apps list.
Lukas Stefanko, malware researcher at ESET, said the use of GenAI amounts to only a small portion of the malware’s toolkit, but allows it to adapt to different devices.
“The AI model and prompt are predefined in the code and cannot be changed,” he wrote. “Since Android malware often relies on UI navigation, leveraging generative AI enables the threat actors to adapt to more or less any device, layout, or OS version, which can greatly expand the pool of potential victims.”
Android malware usually drives the user interface through hard-coded tap coordinates and UI selectors, and both tend to break as soon as the screen size, layout, or OS version changes. Handing the screen to Gemini and asking it where to tap sidesteps that fragility.
PromptSpy submits a natural language prompt to Gemini, together with an XML dump of the device’s current screen, and the chatbot returns JSON instructions for what action to perform and where to perform it to keep the app pinned in the user’s recents list. This process repeats until Gemini tells PromptSpy that the app is in position.
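The loop ESET describes has three moving parts: a dump of the current UI hierarchy, a model that turns it into a JSON action, and code that turns the action into a gesture and repeats until the model reports success. The Python below is an added, offline reconstruction of that control loop; it is not PromptSpy's code, not the prompt ESET recovered, and the "planner" is a handful of rules standing in for Gemini. The screen dumps are constructed by hand in uiautomator's XML format, and the target app name, action schema, and screen states are assumptions. What it shows that the paragraph does not is the contract the malware has to enforce on the model's output (allowed actions, target actually present on screen, coordinates inside the display) and the need to bound the loop so a confused model cannot spin forever. It also makes plain that a full accessibility dump of the screen leaves the device on every iteration, which is the artefact a defender would look for.

```python
"""Offline reconstruction of the observe -> ask -> act loop described in the article.

Hypothetical example: the stand-in planner is a few rules, not Gemini, and the screen
dumps are constructed in uiautomator's XML format. Nothing here is PromptSpy code.
"""
import json
import re
import xml.etree.ElementTree as ET

TARGET = "Example app"            # constructed name of the app that must stay pinned
BOUNDS_RE = re.compile(r"\[(\d+),(\d+)\]\[(\d+),(\d+)\]")   # uiautomator bounds format
ALLOWED_ACTIONS = {"tap", "long_press", "done"}                # assumed action vocabulary


def screen_nodes(xml_text):
    """Flatten a uiautomator hierarchy dump into (content-desc, text, bounds) records."""
    nodes = []
    for node in ET.fromstring(xml_text).iter("node"):
        m = BOUNDS_RE.fullmatch(node.get("bounds", ""))
        if not m:
            continue
        nodes.append({
            "desc": node.get("content-desc", ""),
            "text": node.get("text", ""),
            "bounds": tuple(int(v) for v in m.groups()),
        })
    return nodes


def center(bounds):
    x1, y1, x2, y2 = bounds
    return ((x1 + x2) // 2, (y1 + y2) // 2)


def validate_action(raw, nodes, screen_w=1080, screen_h=2340):
    """Parse the model's JSON and refuse anything outside the agreed contract."""
    action = json.loads(raw)
    kind = action.get("action")
    if kind not in ALLOWED_ACTIONS:
        raise ValueError(f"unexpected action {kind!r}")
    if kind == "done":
        return {"action": "done"}
    label = action.get("target")
    match = next((n for n in nodes if label in (n["desc"], n["text"])), None)
    if match is None:
        raise ValueError(f"target {label!r} not on screen")   # model hallucinated a widget
    x, y = center(match["bounds"])
    if not (0 <= x < screen_w and 0 <= y < screen_h):
        raise ValueError("target centre off screen")
    return {"action": kind, "x": x, "y": y, "target": label}


class FakeRecents:
    """Three-state stand-in for the Recents UI: overview -> long-press menu -> pinned."""
    NODE = ('<node index="{i}" text="{t}" resource-id="" class="android.view.View" '
            'package="com.android.systemui" content-desc="{d}" bounds="{b}"/>')

    def __init__(self):
        self.state = "overview"
        self.actions = []            # gestures the loop actually dispatched

    def dump(self):
        n = self.NODE.format
        if self.state == "overview":
            body = n(i=0, t="", d="Mail", b="[120,400][960,1900]") + n(i=1, t="", d=TARGET, b="[1000,400][1080,1900]")
        elif self.state == "menu":
            body = n(i=0, t="", d=TARGET, b="[1000,400][1080,1900]") + n(i=1, t="Pin", d="", b="[300,1000][780,1120]")
        else:
            body = n(i=0, t="", d=f"{TARGET}, pinned", b="[120,400][960,1900]")
        return ('<hierarchy rotation="0"><node index="0" text="" resource-id="" class="android.widget.FrameLayout" '
                f'package="com.android.systemui" content-desc="" bounds="[0,0][1080,2340]">{body}</node></hierarchy>')

    def perform(self, act):
        self.actions.append(act)
        if self.state == "overview" and act["action"] == "long_press" and act["target"] == TARGET:
            self.state = "menu"
        elif self.state == "menu" and act["action"] == "tap" and act["target"] == "Pin":
            self.state = "pinned"


def stub_planner(prompt, xml_text):
    """Rule-based stand-in for the model: answers in the JSON shape the loop expects."""
    nodes = screen_nodes(xml_text)
    if any(n["desc"].endswith("pinned") for n in nodes):
        return json.dumps({"action": "done"})
    if any(n["text"] == "Pin" for n in nodes):
        return json.dumps({"action": "tap", "target": "Pin"})
    if any(n["desc"] == TARGET for n in nodes):
        return json.dumps({"action": "long_press", "target": TARGET})
    return json.dumps({"action": "done"})


def run_loop(device, planner, max_steps=6):
    """observe -> ask -> validate -> act, bounded so a confused model cannot loop forever."""
    prompt = f"Return JSON {{action, target}} that keeps '{TARGET}' pinned in Recents."
    for _ in range(max_steps):
        xml_text = device.dump()           # the whole screen tree leaves the device here
        act = validate_action(planner(prompt, xml_text), screen_nodes(xml_text))
        if act["action"] == "done":
            return device.state
        device.perform(act)
    raise RuntimeError("gave up after max_steps")


if __name__ == "__main__":
    dev = FakeRecents()
    print(run_loop(dev, stub_planner), [a["action"] for a in dev.actions])
```

Swapping `stub_planner` for a real model call changes nothing about the loop; the validation step is what keeps a mis-parsed or hallucinated answer from turning into a stray gesture, and the step cap is what stops the malware burning API calls when the screen never reaches the state it wants.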
ESET found versions of PromptSpy uploaded to VirusTotal in January, with the Gemini-assisted strains…