March 7, 2026, 7:34 am
Researchers from the European security company ESET have discovered new malware targeting Android devices. The malware is named “PromptSpy.” Notably, it uses generative artificial intelligence during operation. This allows the malware to persist on the smartphone and take control of the device.
The malware is hidden in a fake banking app called “MorganArg.” This app visually resembles the apps of the banks Chase and J.P. Morgan. It is distributed through manipulated websites where users can download it. Many initially mistake it for a legitimate banking application. According to the researchers, people in Argentina have been primarily affected so far. However, the technology used can be deployed globally.
Malware Almost Completely Takes Over Smartphone
After installation, the app requests extensive access rights on the smartphone. As ESET reports on the company blog, it can then control nearly all actions on the device. The attackers gain real-time insight into the screen, allowing them to see exactly what is happening on the smartphone.
This enables them to read messages, initiate transfers, or capture passwords, among other things. At the same time, it becomes significantly more difficult for affected users to remove the application. The malware uses invisible elements on the screen to block important buttons. As a result, users often cannot close or delete the app. The attackers gain control over the device comparable to physically holding the smartphone.
AI Analyzes the Screen Like a Human
A key innovation of this malware is the use of Google’s Gemini AI model. PromptSpy sends the current screen content to this artificial intelligence. The AI then analyzes the interface similarly to a human user.
Based on this analysis, the AI provides the malware with specific instructions. For example, the app can identify the steps necessary to prevent its own closure. According to ESET, this method works reliably on almost all devices, regardless of the Android version. The reason is that the AI is not dependent on pre-programmed command sequences but independently recognizes what is displayed on the screen.
As early as 2025, security researchers discovered AI-supported ransomware for the first time, in the form of PromptLock. Ransomware refers to malware that locks devices or encrypts data to demand ransom. PromptSpy continues this development.
Indications of Developers from a Chinese Environment
Analysis by experts suggests that the developers may originate from a Chinese-speaking environment. The fake application has not yet been found in official app stores. Users should therefore only install apps from trusted sources like Google Play. Extra caution is advised when an app requests access to so-called accessibility features. These functions are intended to help people with disabilities use smartphones but also allow extensive control of a device and are often misused by cybercriminals.
Regular system updates can also help reduce the risk. If you suspect your smartphone is infected, you can start the device in safe mode. In this mode, problematic apps can often be removed. Devices with Google Play Protect enabled automatically detect known variants of the malware.
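The advice above about accessibility access and unofficial sources can be turned into a device check. The following is an added example, not code from ESET or from the article: it parses the output of two standard adb commands and lists apps that have an accessibility service enabled but were not installed through Google Play. The package names and sample outputs are constructed, and the trusted-installer list is an assumption to adapt.

```python
"""Added example: flag sideloaded apps that hold an enabled accessibility service."""

TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play; extend as needed (assumption)

# Constructed sample output of:
#   adb shell settings get secure enabled_accessibility_services
SAMPLE_A11Y = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.fakebank/.RemoteControlService"
)

# Constructed sample output of: adb shell pm list packages -i
SAMPLE_INSTALLERS = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.fakebank  installer=null
package:com.example.notes  installer=null
"""

def enabled_a11y_packages(setting: str) -> set[str]:
    """Return package names from the colon-separated 'pkg/component' list."""
    value = setting.strip()
    if value in ("", "null"):  # setting unset: no service enabled
        return set()
    return {entry.split("/", 1)[0] for entry in value.split(":") if entry}

def installers(pm_output: str) -> dict[str, str]:
    """Map package name -> installer from 'pm list packages -i' lines."""
    result = {}
    for line in pm_output.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue
        name, _, rest = line[len("package:"):].partition("installer=")
        result[name.strip()] = rest.strip() or "null"
    return result

def suspicious(setting: str, pm_output: str, system_pkgs=frozenset()) -> list[str]:
    """Packages with an enabled accessibility service that did not come from
    a trusted installer and are not part of the system image."""
    source = installers(pm_output)
    return sorted(
        pkg for pkg in enabled_a11y_packages(setting)
        if pkg not in system_pkgs and source.get(pkg, "null") not in TRUSTED_INSTALLERS
    )

if __name__ == "__main__":
    for pkg in suspicious(SAMPLE_A11Y, SAMPLE_INSTALLERS):
        print("review:", pkg)
```

Preinstalled apps also report no installer, so pass the package names from `adb shell pm list packages -s` as system_pkgs to keep them out of the result.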