PromptSpy is the first known Android malware to use generative AI at runtime
Summary
Researchers have identified a new Android malware called PromptSpy that leverages Google's Gemini generative AI model to improve its persistence capabilities across various devices. This is the first known instance of Android malware using generative AI during runtime to dynamically adapt its behavior.
IFF Assessment
FOE
Generative AI makes malware more adaptive and harder to detect.
Defender Context
The use of generative AI in malware represents a significant escalation in sophistication. Defenders should monitor for unusual network activity indicative of AI model interaction and enhance their detection capabilities to recognize AI-driven adaptive behaviors. Expect to see more malware employing AI to evade traditional security measures.