Android malware makes use of Google’s personal Gemini AI to adapt in actual time

Replace: February 20, 2026 (05:12 PM ET): Following our request for remark and the publication of the unique article under, a Google spokesperson supplied us with the next assertion:

“Based mostly on our present detection, no apps containing this malware are discovered on Google Play. Android customers are robotically protected towards recognized variations of this malware by Google Play Shield, which is on by default on Android gadgets with Google Play Providers. Google Play Shield can warn customers or block apps recognized to exhibit malicious conduct, even when these apps come from sources exterior of Play.”

The ESET researchers had already shared their findings with Google, and related assurances to these within the assertion above are echoed within the report. Regardless of the skills this malware demonstrates, there appears to be little or no danger to Android customers at this stage.

Authentic article: February 20, 2026 (01:19 PM ET): It’s been a worrying week on the Android malware entrance. On Tuesday, we realized of tablets delivery with hidden malware already embedded of their firmware. Now, researchers say they’ve noticed one thing arguably extra futuristic: Android malware that makes use of Google’s personal Gemini AI mannequin throughout execution.

In response to a report highlighted by BleepingComputer, ESET researchers have uncovered a brand new Android malware household dubbed PromptSpy. Not like conventional malware that depends completely on hardcoded directions, this pressure queries Google’s Gemini generative AI mannequin at runtime to assist it perform a part of its conduct. On this case, the malware sends Gemini details about what’s presently seen on the contaminated machine’s display screen and asks for steerage on what to do subsequent. That permits it to adapt to variations between Android gadgets and interfaces, reasonably than counting on a inflexible script that may solely work on sure fashions.

ESET says that is the primary recognized instance of Android malware integrating generative AI instantly into its execution movement. Whereas the AI part is used for just one characteristic on this instance, it exhibits how attackers can leverage publicly accessible AI instruments to make malware extra versatile and more durable to design towards.

Past the disturbing AI improvement, PromptSpy capabilities as spy ware. It reportedly features a built-in distant entry module and may acquire info equivalent to put in apps and lockscreen credentials as soon as it positive aspects the required permissions. It additionally makes an attempt to make removing harder by interfering with efforts to disable it.

To date, ESET says it hasn’t noticed PromptSpy or its dropper in its telemetry, making it unclear whether or not the malware is actively spreading or stays nearer to a proof-of-concept. Nonetheless, researchers famous that the samples had been distributed by way of a devoted area and impersonated a significant financial institution, suggesting they will not be purely experimental.

Even when its attain and scope are restricted for now, the broader takeaway is difficult to disregard. Generative AI isn’t simply getting used to create malicious content material — it’s beginning to form how malware behaves in actual time. Attackers utilizing Google’s personal AI instruments towards Android on this occasion solely provides to the priority, and we’ve reached out to Google for touch upon the matter. We are going to replace this text with any response we obtain.