
The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.
Security researchers discovered PromptSpy, the first Android malware to leverage Google's Gemini generative AI. The malware uses Gemini to interpret device interfaces and automate persistence, enabling remote access, data theft, and blocking removal. PromptSpy primarily targets users in Argentina, posing significant privacy and security risks.[AI generated]
Why's our monitor labelling this an incident or hazard?
The malware explicitly uses an AI system (Google's Gemini generative AI chatbot) to interpret device UI and execute actions, which is a clear AI system involvement. The malware's use leads directly to harm by enabling remote control, interception of sensitive data (lockscreen PINs, passwords), and prevention of uninstallation, which are violations of user rights and privacy, constituting harm to persons and communities. Although it is currently a proof of concept with limited evidence of deployment, the malware has been found in VirusTotal and associated with domains mimicking a bank, indicating potential real-world malicious use. The AI system's role is pivotal in enabling the malware's adaptive and dynamic behavior, which traditional malware lacks. Hence, this is an AI Incident rather than a mere hazard or complementary information.[AI generated]