PromptSpy is the first known Android malware to use generative AI at runtime
Summary
Researchers discovered PromptSpy, the first known Android malware that uses generative AI (specifically Google's Gemini model) during its operation to help it persist on infected devices by adapting how it locks itself in the Recent Apps list across different Android manufacturers. Beyond this AI feature, PromptSpy functions as spyware with a VNC module (remote access tool) that allows attackers to view and control the device, intercept passwords, record screens, and capture installed apps. The malware also uses invisible UI overlays to block users from uninstalling it or disabling its permissions.
Solution / Mitigation
According to ESET, victims must reboot into Android Safe Mode, where third-party apps are disabled, so that the malware cannot block its own uninstallation.
Related Issues
CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne
CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi
Original source: https://www.bleepingcomputer.com/news/security/promptspy-is-the-first-known-android-malware-to-use-generative-ai-at-runtime/
First tracked: February 19, 2026 at 07:00 PM
Classified by LLM (prompt v3) · confidence: 92%