PromptSpy Android malware with Gemini-assisted persistence
Malware Activity
Summary
Hide ▲
Show ▼
The PromptSpy Android malware now uses Gemini inside its execution flow to automate UI navigation and improve persistence, making the payload harder to dismiss or kill. It also combines VNC remote access with accessibility-service abuse to capture lockscreen PINs, screenshots, and live screen activity. The malware is delivered through a dedicated website rather than Google Play, with distribution links pointing to mgardownload[.]com and m-mgarg[.]com. The activity appears financially motivated and is associated with targeting users in Argentina.
Related Happenings
Google Gemini on Android notification-injection bypass using Fake Context Alignment
Technical Analysis
H score16
First: 03.06.2026 22:11
Last: 03.06.2026 22:11
Sources 1
About this happening:
Researchers found a **notification-based prompt-injection bypass** in **Google Gemini on Android** that could turn hostile notification text into **unauthorized assistant actions*...
Google Gemini on Android notification-injection bypass using Fake Context Alignment
Technical AnalysisAbout this happening: Researchers found a **notification-based prompt-injection bypass** in **Google Gemini on Android** that could turn hostile notification text into **unauthorized assistant actions*...
Openew[.]app cloaked malware download portal
Malware Activity
H score26
First: 29.05.2026 21:21
Last: 29.05.2026 21:21
Sources 1
About this happening:
The **openew[.]app** malware-delivery activity now also uses **legitimate ChatGPT shared pages** as the first lure, with **Google ads** and **SEO poisoning** sending victims to a...
Openew[.]app cloaked malware download portal
Malware ActivityAbout this happening: The **openew[.]app** malware-delivery activity now also uses **legitimate ChatGPT shared pages** as the first lure, with **Google ads** and **SEO poisoning** sending victims to a...
Grandoreiro and BTMOB banking trojan activity targeting Windows and Android
Malware Activity
H score25
First: 27.05.2026 19:10
Last: 27.05.2026 19:10
Sources 1
About this happening:
**BTMOB** is an **Android remote access trojan** sold as **malware-as-a-service** on the **clearweb** and in private **Telegram** channels, with a builder that generates customize...
Grandoreiro and BTMOB banking trojan activity targeting Windows and Android
Malware ActivityAbout this happening: **BTMOB** is an **Android remote access trojan** sold as **malware-as-a-service** on the **clearweb** and in private **Telegram** channels, with a builder that generates customize...
BTMOB Android RAT no-code builder malware activity
Malware Activity
H score28
First: 26.05.2026 17:00
Last: 26.05.2026 17:00
Sources 1
About this happening:
**BTMOB** is an **Android RAT** sold as **malware-as-a-service** on the **clearweb** and in private **Telegram** channels, with a **no-code APK builder** that generates customized...
BTMOB Android RAT no-code builder malware activity
Malware ActivityAbout this happening: **BTMOB** is an **Android RAT** sold as **malware-as-a-service** on the **clearweb** and in private **Telegram** channels, with a **no-code APK builder** that generates customized...
Latest development: 29.05.2026 00:10
BTMOB is openly advertised on the clearweb and in private Telegram channels as a malware-as-a-service (MaaS) platform with an APK builder that customizes phishing payloads without coding. The Android RAT targets users mainly in Brazil and Latin America, uses phishing sites masquerading as streaming services, cryptocurrency mining platforms, and Google Play portals, and custom lures have included an Argentinian government agency theme.
Trapdoor Android malvertising and ad-fraud campaign
Campaign
H score39
First: 19.05.2026 19:38
Last: 19.05.2026 19:38
Sources 1
About this happening:
The **Trapdoor** campaign is a **self-sustaining malvertising and ad-fraud operation** targeting **Android users** and turning app installs into revenue through threat-actor-contr...
Trapdoor Android malvertising and ad-fraud campaign
CampaignAbout this happening: The **Trapdoor** campaign is a **self-sustaining malvertising and ad-fraud operation** targeting **Android users** and turning app installs into revenue through threat-actor-contr...
Timeline
-
19.02.2026 19:52 3 articles · 4mo ago
PromptSpy disclosure and Gemini-assisted persistence
Initial DisclosureESET discloses PromptSpy, an Android malware family that abuses Gemini to analyze the current screen and receive JSON step-by-step instructions for keeping the malicious app pinned in the recent apps list, while also using accessibility services, invisible overlays, and a built-in VNC module to resist removal, capture lockscreen data, take screenshots, record screen activity, and provide remote access. The campaign is assessed as financially motivated, targets users in Argentina, and is distributed through mgardownload[.]com and m-mgarg[.]com rather than Google Play, with a dropper that requests installation from unknown sources.
Show sources
- PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence — thehackernews.com — 19.02.2026 19:52
- PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence — thehackernews.com — 19.02.2026 19:52
- Android Malware Hijacks Google Gemini to Stay Hidden — www.infosecurity-magazine.com — 20.02.2026 13:35