Android Malware PromptSpy Leverages AI for Persistent Attacks

What happened

Security researchers at ESET have identified PromptSpy, the first known Android malware to integrate generative AI, specifically Google’s Gemini model, into its execution flow to automate persistence and resist removal on infected devices.

Who is affected

While distribution appears limited and not yet detected in widespread telemetry, the malware is delivered via fake apps masquerading as banking software and primarily targets Android devices outside official app stores, with indications of a focus on Argentina.

Why CISOs should care

PromptSpy’s use of AI to automate UI navigation and harden persistence marks a significant evolution in mobile threats, expanding the potential victim base across diverse devices and UI variants. Its capabilities (remote access, screen recording, lockscreen credential capture, and anti-uninstall techniques) underscore the growing sophistication of threats targeting enterprise endpoints and BYOD scenarios.

3 practical actions

  1. Enhance mobile threat defense: Ensure endpoint management platforms include advanced mobile threat detection and blockers for AI-assisted malware and unauthorized sideloaded apps.
  2. Educate users on sideload risks: Reinforce policies to prohibit installation of apps from untrusted sources and regularly train users on phishing and fake app campaigns.
  3. Harden device controls: Enforce strict use of Google Play Protect and accessibility permission reviews, and consider mobile threat intelligence feeds for early detection of emerging malware families.
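The accessibility permission review in action 3 and the sideload check in action 1 can be combined into one scripted check. The Python below is an added example, not ESET's tooling or code from this brief; it assumes it is fed the text of `adb shell pm list packages -i` and `adb shell settings get secure enabled_accessibility_services` (both sample strings here are constructed, and the MDM installer name is a placeholder). It lists packages that were not installed through a trusted channel and yet hold an enabled accessibility service, the combination that abuse of accessibility for persistence depends on.

```python
"""Flag sideloaded packages that hold an enabled accessibility service.

Added example for the accessibility-permission review in action 3; not ESET's
tooling. Assumption: the two inputs are the raw text of
    adb shell pm list packages -i
    adb shell settings get secure enabled_accessibility_services
The sample strings below are constructed, not captured from a real device.
"""
from __future__ import annotations

import re

# Installer package names treated as an approved channel. Google Play is real;
# the MDM entry is a placeholder to be replaced with the enterprise's own
# installer package name.
TRUSTED_INSTALLERS = {
    "com.android.vending",          # Google Play Store
    "com.example.mdm.placeholder",  # hypothetical enterprise MDM agent
}

# `pm list packages -i` prints one line per package:
#   package:<name>  installer=<installer package or null>
# System apps and `adb install` both report installer=null, so on a real device
# add `-3` to the command to restrict the list to third-party packages.
_PKG_LINE = re.compile(r"^package:(\S+)\s+installer=(\S+)\s*$")


def parse_package_installers(pm_output: str) -> dict[str, str | None]:
    """Map package name -> installer package (None when reported as null)."""
    installers: dict[str, str | None] = {}
    for line in pm_output.splitlines():
        m = _PKG_LINE.match(line.strip())
        if not m:
            continue  # ignore blank lines or unrelated output
        name, installer = m.groups()
        installers[name] = None if installer == "null" else installer
    return installers


def parse_accessibility_services(settings_output: str) -> set[str]:
    """Return the package names that own an enabled accessibility service.

    The setting is a colon-separated list of `package/ServiceClass` entries and
    reads `null` when no service is enabled.
    """
    value = settings_output.strip()
    if not value or value == "null":
        return set()
    return {entry.split("/", 1)[0] for entry in value.split(":") if entry}


def find_risky_packages(pm_output: str, settings_output: str,
                        trusted: set[str] = TRUSTED_INSTALLERS) -> list[str]:
    """Packages installed outside a trusted channel AND granted accessibility.

    Neither signal alone is conclusive: legitimate screen readers use
    accessibility, and system apps show installer=null. The intersection is
    the review queue a mobile admin should look at first. A package that owns
    a service but is missing from the package list is treated as untrusted.
    """
    installers = parse_package_installers(pm_output)
    a11y_owners = parse_accessibility_services(settings_output)
    return sorted(pkg for pkg in a11y_owners
                  if installers.get(pkg) not in trusted)


# Constructed sample output, not from a real device.
SAMPLE_PM_OUTPUT = """\
package:com.android.chrome  installer=com.android.vending
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.fakebank  installer=null
package:com.example.sideloaded.tool  installer=com.google.android.packageinstaller
"""
SAMPLE_A11Y_SETTING = (
    "com.example.fakebank/.OverlayService:"
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService"
)

if __name__ == "__main__":
    for pkg in find_risky_packages(SAMPLE_PM_OUTPUT, SAMPLE_A11Y_SETTING):
        print(f"REVIEW: {pkg} is sideloaded and has an accessibility service enabled")
```

With the constructed sample, only `com.example.fakebank` is reported: TalkBack also holds an accessibility service but came from Google Play, and the sideloaded tool holds none. Running the two `adb` commands over a fleet via an MDM's remote-shell feature, or on devices submitted for triage, gives a short review list rather than a raw package dump.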