PromptSpy Android Malware Uses Google Gemini for Real-Time Control

AI-assisted Android spyware shows adaptive on-device capability

PromptSpy Android malware is making headlines for its unprecedented use of Google Gemini to dynamically adapt its behaviour during runtime. This marks a significant development in mobile cyber threats, as PromptSpy is the first known spyware strain to reach out to a generative AI model live on a victim’s device for operational guidance.

PromptSpy Malware: Real-Time AI-Powered Threat

Traditionally, Android malware relies on logic hardcoded by its creators. PromptSpy, however, queries Google’s Gemini AI model while running on infected devices to determine how to interact with a victim’s screen. This real-time adaptability means the malware is no longer limited to fixed, pre-programmed instructions and can adjust its actions based on the device environment, user behaviour or even installed security tools.

This innovation sets PromptSpy apart from previous Android threats. According to recent research published in June 2024, PromptSpy’s integration with Google Gemini enables it to:

  • Analyse the current state of the victim’s screen before executing commands
  • Choose the most effective methods for information theft or device control
  • Evade basic detection techniques by varying its behaviours

PromptSpy’s design demonstrates how generative AI can be weaponised to give attackers increased flexibility and stealth, raising new challenges for mobile security.

Event Details: Timeline, Capabilities and Impact

Discovery and Timeline

PromptSpy was identified in early June 2024 by security researchers examining suspicious mobile activity in the wild. The malware is believed to have been circulating via malicious Android application packages (APKs) distributed through unofficial app stores and phishing campaigns since at least May 2024.

Who Is Affected?

The primary risk is to Android users who install apps from non-Google Play sources or whose devices lack modern security controls. Bring Your Own Device (BYOD) environments and organisations with less stringent mobile application controls are especially at risk, as PromptSpy can potentially compromise both personal and corporate data.

Technical Breakdown: How PromptSpy Works

On the surface, PromptSpy resembles a classic remote access trojan (RAT) tailored for Android devices. Once installed, it requests a range of permissions to access sensitive data and device controls. Its core capabilities include:

  • Capturing lockscreen PINs and passwords
  • Enumerating installed applications
  • Taking screenshots and recording video secretly
  • Providing live remote access for attackers

What makes PromptSpy unique is its embedded module that reaches out to Google Gemini, the large language model (LLM) AI platform, during runtime. When the malware needs to perform a sensitive action—such as capturing credentials or bypassing security pop-ups—it sends contextual information to Gemini and receives tailored instructions in return. This can include guidance on which on-screen elements to interact with, how to mimic user gestures, or how to avoid triggering security prompts.

All communications between PromptSpy and its remote operators are encrypted, making network-based detection challenging. The use of Gemini allows the malware to adapt its tactics on the fly, modifying its behaviour to suit the specifics of any infected device.

Current Exploitation Status

As of mid-June 2024, researchers have confirmed that PromptSpy is being actively distributed and has infected devices in multiple regions. There is evidence that the malware has already been used to steal sensitive information from both individual users and organisational devices. While the scale of the campaign appears limited compared to mainstream Android threats, the technical leap represented by PromptSpy’s Gemini integration has set off alarm bells across the cybersecurity community.

  • The malware’s dynamic nature makes it harder for security tools to create reliable signatures
  • PromptSpy’s approach could be replicated by other threat actors, signalling a possible shift in mobile malware design

Why PromptSpy Matters for Organisations

PromptSpy’s use of generative AI to dynamically adjust its actions represents a new era in Android malware. For organisations, especially those allowing BYOD or managing fleets of Android devices, this increases the risk that traditional static defences may be bypassed. The ability of PromptSpy to adapt to its environment and evade standard detection makes it a formidable threat, particularly for sectors where sensitive data is accessed via mobile devices.

The event also highlights the potential for generative AI models to be repurposed for malicious use, increasing the complexity of defending against advanced mobile threats.

What Organisations Should Do Now

Given the emergence of PromptSpy, organisations should take targeted action:

  • Review mobile device management (MDM) policies to restrict installation of apps from untrusted sources
  • Monitor for indicators of compromise related to PromptSpy’s known behaviours and network activity
  • Educate users about the risks of sideloading apps and the importance of using official app stores
  • Stay alert for security updates as researchers and vendors release new detection signatures and guidance

As PromptSpy and similar threats evolve, ongoing vigilance and agile response capabilities will be critical to protecting both corporate and personal data on Android devices.

Originally reported by cybersecuritynews.com.

Share this bulletin

About the Author

Headshot of Jonny Pelter, leading cyber security expert in the UK and CISO

Jonny Pelter

Partner

  • CIPM
  • CIPP/E
  • CISSP
  • CISM
  • CRISC
  • ISO27001
  • Prince2
  • MSc
  • BSc

Jonny Pelter

Jonny is a Founding Partner at CyPro and executive group level CISO who has worked closely with the British intelligence agencies NCSC and GCHQ.

An ex-professional rugby player and originating from KPMG and Deloitte, Jonny has a wealth of experience across numerous sectors including technology, critical national infrastructure, financial services, oil & gas, insurance, betting, pharmaceuticals and utilities.

Jonny is a leading cyber security expert in the UK, having featured on national media for his professional commentary such as BBC News, iPlayer, Telegraph and Times Radio.

View Profile
Back to Bulletins
Category
Malware
Published
Jul 8 - 2026
Post Tags
Cypro firewall showing robust network security
Secure your business.
Elevate your security, accelerate your growth. We take care of cyber security for high-growth companies, at every stage of their journey.
Get in touch
CyPro Cookie Consent

Hmmm cookies...

Our delicious cookies make your experience smooth and secure.

Privacy PolicyOkay, got it!

We use cookies to enhance your experience, analyse site traffic, and for marketing purposes. For more information on how we handle your personal data, please see our Privacy Policy.

Schedule a Call