PromptSpy: Revolutionizing Android threats with GenAI techniques

Feb 20, 2026 | Threat Intelligence Research

Android Malware Leverages Generative AI for UI Manipulation

TL;DR: ESET researchers discovered PromptSpy, the first Android malware utilizing generative AI for context-aware UI manipulation. This innovative malware targets users primarily in Argentina and showcases enhanced evasion techniques.

ESET has identified PromptSpy, the first Android malware that incorporates generative AI, specifically Google’s Gemini, to manipulate user interfaces. Unlike prior malware, which primarily relied on hardcoded navigation commands, PromptSpy uses AI to dynamically adapt to various screen layouts, enabling it to maintain persistence on devices by consistently remaining in the recent apps list. This represents a significant advancement in malware sophistication, as it automates complex interactions traditionally reliant on static programming.

PromptSpy’s architecture is designed to deploy a remote access tool that allows attackers to control compromised devices. It misuses the Accessibility Service to obstruct uninstallation efforts with invisible overlays that capture interactions aimed at removing the malware. The primary distribution channel for PromptSpy appears to be a rogue website, indicating a targeted financial motivation, predominantly affecting users in Argentina. Moreover, initial analysis suggests a Chinese-speaking environment linked to its development, hinting at potential international collaboration among cybercriminals.

Why this matters: The emergence of PromptSpy highlights a troubling trend in malware development where generative AI is exploited to enhance operational stealth and effectiveness. This evolution poses a significant threat to Android users, as the adaptability of malware complicates detection and remediation for defenders.

To mitigate risks associated with AI-powered malware like PromptSpy, organizations should leverage threat intelligence and monitoring tools like SIEMs to quickly identify and respond to threats. Regular vulnerability scans can also help identify weaknesses that malware might exploit.

Indicators of Compromise (IOCs):

  • Malware samples:
    • mgapp.apk, app-release.apk, etc. (various PromptSpy samples)
  • Network:
    • Command and Control (C&C) IP: 54.67.2[.]84
    • Distribution domains: mgardownload[.]com, m-mgarg[.]com (both associated with phishing)
  • MITRE ATT&CK techniques:
    • Persistence: T1398, T1541
    • Defense Evasion: T1516
    • Credential Access: T1417.002
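The mitigation advice above (feed threat intelligence into SIEM-style monitoring) boils down to matching the published network indicators against DNS and proxy logs. The following is an added example, not code from ESET or from this summary: it refangs the defanged indicators listed above, then scans a handful of constructed log lines in an assumed key=value format. Exact-host comparison and subdomain matching are done separately so that a lookalike such as "notmgardownload.com" is not flagged while "cdn.m-mgarg.com" is.

```python
"""Match the PromptSpy network indicators listed above against sample log lines.

Added example (not from ESET or Q-Feeds). The log format and the sample
lines are constructed for illustration.
"""
import re

# Indicators copied from the summary above, still in defanged form.
DEFANGED_IOCS = {
    "ip": ["54.67.2[.]84"],
    "domain": ["mgardownload[.]com", "m-mgarg[.]com"],
}


def refang(indicator: str) -> str:
    """Turn a defanged indicator ('[.]', 'hxxp') back into a matchable value."""
    return indicator.replace("[.]", ".").replace("hxxp", "http")


IOC_IPS = {refang(ip) for ip in DEFANGED_IOCS["ip"]}
IOC_DOMAINS = {refang(d).lower() for d in DEFANGED_IOCS["domain"]}

# Hostnames: dotted labels ending in an alphabetic TLD (so bare IPs do not match here).
_HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.IGNORECASE)
# Dotted-quad IPv4 literals; word boundaries keep "154.67.2.84" from yielding "54.67.2.84".
_IP_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")


def domain_matches(host: str) -> bool:
    """True if host equals an IoC domain or is a subdomain of one.

    The leading dot in the suffix test prevents lookalikes such as
    'notmgardownload.com' from matching 'mgardownload.com'.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in IOC_DOMAINS)


def ip_matches(addr: str) -> bool:
    """True if the IPv4 literal is exactly one of the IoC addresses."""
    return addr in IOC_IPS


def scan_line(line: str):
    """Return (kind, observed_value) pairs for every IoC hit in one log line."""
    hits = []
    for host in _HOST_RE.findall(line):
        if domain_matches(host):
            hits.append(("domain", host))
    for addr in _IP_RE.findall(line):
        if ip_matches(addr):
            hits.append(("ip", addr))
    return hits


def scan_logs(lines):
    """Scan a sequence of log lines; return (line_number, kind, observed) tuples, 1-indexed."""
    results = []
    for number, line in enumerate(lines, start=1):
        for kind, observed in scan_line(line):
            results.append((number, kind, observed))
    return results


# Constructed sample log lines (assumed key=value format); not real telemetry.
SAMPLE_LOGS = [
    "2026-02-20T10:01:02Z dns client=10.0.0.12 query=mgardownload.com type=A",
    "2026-02-20T10:01:05Z proxy src=10.0.0.12 dst=54.67.2.84:443 method=CONNECT host=cdn.m-mgarg.com",
    "2026-02-20T10:02:17Z dns client=10.0.0.33 query=updates.example.org type=A",
    "2026-02-20T10:03:40Z proxy src=10.0.0.33 dst=154.67.2.84:443 host=notmgardownload.com",
]

if __name__ == "__main__":
    for number, kind, observed in scan_logs(SAMPLE_LOGS):
        print(f"line {number}: {kind} indicator hit -> {observed}")
```

In a real pipeline the indicator sets would be loaded from a feed rather than hard-coded, and the DNS hit on line 1 plus the CONNECT to the C&C address on line 2 from the same client (10.0.0.12) is the kind of correlation a SIEM rule would raise as one alert.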
