PromptSpy: Revolutionizing Android threats with GenAI techniques

Feb 20, 2026 | Threat Intelligence Research

Android Malware Leverages Generative AI for UI Manipulation

TL;DR: ESET researchers discovered PromptSpy, the first Android malware utilizing generative AI for context-aware UI manipulation. This innovative malware targets users primarily in Argentina and showcases enhanced evasion techniques.

ESET has identified PromptSpy, the first Android malware that incorporates generative AI, specifically Google’s Gemini, to manipulate user interfaces. Unlike prior malware, which primarily relied on hardcoded navigation commands, PromptSpy uses AI to dynamically adapt to various screen layouts, enabling it to maintain persistence on devices by consistently remaining in the recent apps list. This represents a significant advancement in malware sophistication, as it automates complex interactions traditionally reliant on static programming.

PromptSpy’s architecture is designed to deploy a remote access tool that allows attackers to control compromised devices. It misuses the Accessibility Service to obstruct uninstallation efforts with invisible overlays that capture interactions aimed at removing the malware. The primary distribution channel for PromptSpy appears to be a rogue website, indicating a targeted financial motivation, predominantly affecting users in Argentina. Moreover, initial analysis suggests a Chinese-speaking environment linked to its development, hinting at potential international collaboration among cybercriminals.

Why this matters: The emergence of PromptSpy highlights a troubling trend in malware development where generative AI is exploited to enhance operational stealth and effectiveness. This evolution poses a significant threat to Android users, as the adaptability of malware complicates detection and remediation for defenders.

To mitigate risks associated with AI-powered malware like PromptSpy, organizations should leverage threat intelligence and monitoring tools like SIEMs to quickly identify and respond to threats. Regular vulnerability scans can also help identify weaknesses that malware might exploit.

Indicators of Compromise (IOCs):

Malware Samples:
- mgapp.apk, app-release.apk, etc. (various PromptSpy samples)
Network:
- Command and Control (C&C) IP: 54.67.2[.]84
- Distribution Domain: mgardownload[.]com, m-mgarg[.]com (both associated with phishing)
MITRE ATT&CK Techniques:
- Persistence: T1398, T1541
- Defense Evasion: T1516
- Credential Access: T1417.002

Click here for the full article

← Exposing supply chain vulnerabilities: Serious weaknesses found in widely-used VS Code extensionsHow to navigate Poshmark safely: Tips to buy and sell while avoiding scams →

Try our Intelligence today!

Streamline your security operations with a free Q-Feeds trial and see the difference.

Activate free access

Uncovering Operation FlutterBridge: A deep dive into the macOS malvertising campaign unleashing the FlutterShell backdoor

Widespread Malvertising Campaign Targets macOS with FlutterShell TL;DR: A new malvertising campaign dubbed Operation FlutterBridge, linked to the previously identified JSCoreRunner campaign, is...

Inside the malware distribution ecosystem: Exploring impersonation, click hijacking, and TDS threats

Impersonation Campaign Targets Security Tools through Traffic Distribution System TL;DR Check Point Research has identified a sophisticated operation using fake websites that impersonate popular...

Harnessing AI: Your guide to mastering cybersecurity in a connected world

AI Command Center Addresses Security Gaps in AI Ecosystems The Netskope One AI Command Center seeks to close significant governance gaps present in the rapidly evolving AI landscape within...

« Older Entries

PromptSpy: Revolutionizing Android threats with GenAI techniques

Android Malware Leverages Generative AI for UI Manipulation

Try our Intelligence today!

Other articles