Is your phone at risk?

New Delhi | Feb 21, 2026 01:13 PM IST
Researchers at ESET, the company behind the NOD32 antivirus, have discovered a new Android malware called PromptSpy that uses Google Gemini to manipulate users.
Unlike traditional malware, which often relies on hard-coded instructions, PromptSpy is the first known case of Android malware that uses generative AI for execution.
While machine learning models have been used by Android malware for tasks like analysing screenshots for ad fraud, ESET says PromptSpy sends Gemini information about what’s on your screen and asks the AI chatbot what to do next.
Researchers say the move allows the malware to adapt to different Android devices and interfaces, instead of relying on a pre-written script that will only work on select devices.
Android devices have a feature that lets users “lock” or “pin” apps so they aren’t cleared from memory when you clear all recent apps, but the implementation varies by phone maker.
This is where PromptSpy uses AI. The malware works by sending Gemini information of what’s on the screen in an XML format, which includes UI elements, text labels, class types and screen coordinates.
Google’s AI chatbot then replies by sending instructions in JSON on how to lock or pin an app. Following this, PromptSpy performs the action using Android’s accessibility service.
“Even though PromptSpy uses Gemini in just one of its features, it still demonstrates how incorporating these AI tools can make malware more dynamic, giving threat actors ways to automate actions that would normally be more difficult with traditional scripting,” says ESET.
PromptSpy is spyware with a built-in VNC module, allowing it to take over an Android device. Not only can the malware see what’s on the screen in real time, it can also upload a list of installed apps, steal lockscreen PINs and passwords, capture screenshots, record screen activity and gestures, and even get information about the apps you are using.
According to ESET, users infected by PromptSpy will have to boot into Android’s Safe Mode to disable it. The security firm also claims that it has yet to see PromptSpy infecting devices in the wild, meaning it might still be a proof-of-concept. However, it might be used to target some users in Argentina.
Google suggests that users should turn on Play Protect on their devices since the security feature can help prevent their devices from being infected by malware.
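Because PromptSpy carries out its actions through Android’s accessibility service, one practical check is to list which packages currently hold accessibility access on a device and compare them against the ones you deliberately enabled. The script below is an added example, not code from ESET or from this article: it parses the value returned by the real `adb shell settings get secure enabled_accessibility_services` command and flags any package that is not on an allowlist. The sample output, the allowlist and the `com.example.unknownapp` package are constructed for illustration.

```python
"""Audit which packages hold Android accessibility-service access.

Added example (not from the ESET research or the article). The raw value comes
from the real adb command in read_from_device(); the sample output embedded
below is constructed so the script runs offline.
"""
import subprocess

# Constructed sample of what
#   adb shell settings get secure enabled_accessibility_services
# returns: colon-separated "package/ServiceClass" entries. The third entry is a
# hypothetical package used only to show how an unexpected service is flagged.
SAMPLE_OUTPUT = (
    "com.google.android.marvin.talkback/com.google.android.marvin.talkback.TalkBackService:"
    "com.android.switchaccess/com.android.switchaccess.SwitchAccessService:"
    "com.example.unknownapp/.svc.A11yService"
)

# Example allowlist: packages whose accessibility services you knowingly enabled.
KNOWN_SERVICES = {
    "com.google.android.marvin.talkback",
    "com.android.switchaccess",
}


def parse_enabled_services(raw: str) -> list[tuple[str, str]]:
    """Split the settings value into (package, fully qualified service class) pairs."""
    raw = raw.strip()
    # An empty value or the literal string "null" means no service is enabled.
    if not raw or raw == "null":
        return []
    pairs = []
    for entry in raw.split(":"):
        if "/" not in entry:
            continue  # skip malformed fragments rather than crashing the audit
        pkg, svc = entry.split("/", 1)
        # A leading "." is Android shorthand for a class under the package namespace.
        if svc.startswith("."):
            svc = pkg + svc
        pairs.append((pkg, svc))
    return pairs


def unexpected_services(raw: str, allowlist: set[str]) -> list[tuple[str, str]]:
    """Return enabled accessibility services whose package is not on the allowlist."""
    return [(pkg, svc) for pkg, svc in parse_enabled_services(raw) if pkg not in allowlist]


def read_from_device() -> str:
    """Query a connected device over adb (requires adb on PATH and USB debugging)."""
    return subprocess.run(
        ["adb", "shell", "settings", "get", "secure", "enabled_accessibility_services"],
        capture_output=True, text=True, check=True,
    ).stdout


if __name__ == "__main__":
    # Swap SAMPLE_OUTPUT for read_from_device() to audit a real device.
    for pkg, svc in unexpected_services(SAMPLE_OUTPUT, KNOWN_SERVICES):
        print(f"review: {pkg} ({svc}) has accessibility access")
```

Any package this reports deserves a look in Settings > Accessibility; an unfamiliar app holding that permission, especially one that also asks to be pinned or excluded from recent-apps clearing, is worth removing (in Safe Mode if it resists).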