New AI Malware 'PromptSpy' Uses Google's Gemini
Cybersecurity firm ESET has discovered the first known Android malware, dubbed 'PromptSpy,' that abuses a generative AI model to execute its functions. The malware uses prompts to Google's Gemini AI to guide malicious user interface manipulation and achieve persistence on infected devices. The novel technique allows the malware to capture lockscreen data and block uninstallation attempts.
- The malware's primary function is to deploy a Virtual Network Computing (VNC) module, which lets attackers remotely view the infected device's screen and perform actions in real time.
- Although AI is used only for a minor function, it is a significant development: PromptSpy sends an XML dump of the screen's UI elements to Gemini, which then returns step-by-step JSON instructions for the specific gestures needed to "lock" the app in the recent apps list, preventing it from being easily closed.
- Beyond its novel use of AI, PromptSpy abuses Android's Accessibility Services to carry out its malicious activities, including overlaying invisible rectangles over buttons like "Uninstall" or "Force Stop" to prevent its removal.
- Evidence suggests the campaign is financially motivated and specifically targets users in Argentina, with the malware masquerading as a banking app from JPMorgan Chase called "MorganArg".
- This is the second AI-powered malware discovered by ESET, following their discovery of the "PromptLock" ransomware in August 2025.
- Samples of PromptSpy were first uploaded to VirusTotal from Argentina on February 10, 2026, and appear to be an advanced version of a previously unknown malware named "VNCSpy" uploaded from Hong Kong in January 2026.
- The malware's code contains Chinese-language strings, suggesting developers from a Chinese-speaking environment are behind its creation.
- To remove the malware, users must reboot their device into Safe Mode, which disables third-party apps and allows for normal uninstallation.
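
Because PromptSpy depends on an enabled Accessibility Service, one defensive check is to list which third-party apps hold one. The following is an added example, not code from ESET or the original article; it parses the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -3`, and the sample output and package names in it are constructed placeholders.

```python
"""Flag third-party Android apps that hold an enabled Accessibility Service."""

# Constructed sample of: adb shell settings get secure enabled_accessibility_services
SAMPLE_ENABLED = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.placeholder.bank/.HelperService"
)
# Constructed sample of: adb shell pm list packages -3
SAMPLE_THIRD_PARTY = "package:com.example.placeholder.bank\npackage:org.example.notes\n"


def parse_enabled_services(raw):
    """Split the colon-separated ComponentName list into (package, class) pairs."""
    raw = raw.strip()
    if not raw or raw == "null":  # unset setting: no services enabled
        return []
    pairs = []
    for component in raw.split(":"):
        package, sep, cls = component.strip().partition("/")
        if not sep or not package:
            continue  # skip malformed entries rather than guessing
        if cls.startswith("."):  # short form, relative to the package name
            cls = package + cls
        pairs.append((package, cls))
    return pairs


def parse_third_party(raw):
    """Return the set of package names from 'package:<name>' lines."""
    prefix = "package:"
    return {line[len(prefix):].strip()
            for line in raw.splitlines() if line.startswith(prefix)}


def audit(enabled_raw, third_party_raw, allowlist=frozenset()):
    """Return (package, service) pairs for user-installed apps not on the allowlist."""
    third_party = parse_third_party(third_party_raw)
    return [(pkg, cls) for pkg, cls in parse_enabled_services(enabled_raw)
            if pkg in third_party and pkg not in allowlist]


if __name__ == "__main__":
    for pkg, cls in audit(SAMPLE_ENABLED, SAMPLE_THIRD_PARTY):
        print(f"review: {pkg} has accessibility service {cls} enabled")
```

Any package this reports that the user does not recognise as a deliberate accessibility tool is a candidate for removal from Safe Mode, as described above.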