AI-powered Android malware PromptSpy uses Google's Gemini to steal data and evade detection, targeting users in Argentina.
Android malware PromptSpy, discovered by ESET, is the first known instance of generative AI—specifically Google’s Gemini—being used in malware to maintain persistence by interpreting on-screen elements and issuing dynamic touch commands.
It adapts across devices and OS versions, evades removal by pinning itself in the recent apps list and using invisible overlays, and deploys a VNC module for remote access, screen capture, and data theft.
Likely developed by Chinese-speaking cybercriminals, it targets users in Argentina, possibly using Chase Bank branding, and is distributed via malicious websites.
Though not yet widespread, it represents a growing trend of AI-assisted malware, with Google notified and Android users protected.