ESET Discovers First Android Malware to Abuse Generative AI for Dynamic UI Manipulation
informationsecuritybuzz.comSecurity researchers at ESET have uncovered what they describe as the first known case of Android malware abusing generative AI to manipulate a device’s user interface in real time.
Dubbed PromptSpy, the newly identified malware family uses Google’s Gemini to analyze on-screen content and dynamically guide malicious actions. While machine learning has previously been used in Android threats (including a recent case discovered by Dr.Web involving ad fraud automation) this is the first documented instance of GenAI being embedded directly into malware execution flow.
According to the researchers, PromptSpy is the second AI-powered malware they have found, the first one being PromptLock in August last year, which was the first known instance of AI-powered ransomware.
Unlike traditional Android malware, which relies on hardcoded touches, screen coordinates, or UI selectors, PromptSpy uses GenAI to adapt to different devices, OS versions, and UI configurations.
Designed to Achieve Persistence
The ...
Copyright of this story solely belongs to informationsecuritybuzz.com . To see the full text click HERE