New Delhi. A new and dangerous cyber threat has emerged for smartphone users. Researchers at cyber security company ESET have discovered an Android malware named ‘PromptSpy’, which is using artificial intelligence tools to steal user information. It is being told that it is different from traditional malware, because it does not work on pre-written instructions, but on the basis of instructions received from AI.
What is PromptSpy malware?
According to research, PromptSpy is an advanced spyware that sends the information visible on the phone screen in the form of structured (XML) data to the AI system. It then asks the AI what next action to take on the device.
In this way it adapts itself to the phones, interfaces and settings of different companies, making it difficult to identify and stop.
Why more dangerous than traditional malware?
Until now, most malware ran on “hard-coded” scripts, meaning they worked only on limited devices or conditions.
But PromptSpy:
Can understand every phone screen
Analyzes UI elements, text, buttons, and location
Can create new strategies on different devices by taking instructions from AI
Tries to bypass security patterns
That means it is adaptive malware—which can change itself according to each user.
How does one control the device?
According to the report, this malware abuses Android’s Accessibility Service—which is generally designed to help users with disabilities.
Through this:
Can open/control apps automatically
can record screen
Can track gestures and activities
Can send information about apps installed in the phone
A VNC module has also been found inside it, through which attackers can operate the device remotely.
What information can be stolen?
Through PromptSpy, cyber criminals can access sensitive user information, such as:
Lockscreen PIN or password
Banking or payment app activity
Screenshots and personal data
App usage habits
Real-time screen monitoring
Tech giants warn
Tech company Google has advised users to keep the security settings of their devices active and avoid suspicious apps. According to the company, keeping built-in security features on is the first step to protect against such threats.
This is how to avoid this new cyber threat
✔ Always keep security features like Play Protect ON
✔ Download apps only from official app stores
✔ Give Accessibility or Screen Control permission to any app wisely.
✔ Avoid unknown links, APK files or download offers
✔ Do not ignore sudden pop-ups or automatic activity on the phone
✔ Install phone updates and security patches regularly
✔ Turn off screen-sharing while using banking or personal apps
Why is this threat different?
Cyber experts say this is the first case where generative AI is being used directly in a malware operation. This could make cyber attacks more “smart”, “automated” and “human-like decision-makers”. While AI technology is increasing the facilities, cyber criminals have also started using it in new ways. In such a situation, digital caution is the biggest security.
Comments are closed.