Hides malware that uses AI to take control of the cell phone

A new malicious program (malware) was detected in a campaign targeting users in Argentina this week: it is a fake investment application called MorganArg which, once installed, allows an attacker to take control of the victim’s cell phone. ESET, the cybersecurity company that discovered it and named it PromptSpy, points out that, as a novelty, this is the first known case on Android that uses generative artificial intelligence as part of its operation.

The application is not available in the official Google store, but is installed through files downloaded from external links, a dangerous but common practice in recent years. For example, applications such as MagistTV that are used to access pay television content are installed using this method (running “APK” files). They are not in the Google Play Store, which is already a first warning sign.

MorganArg follows the logic of most online deceptions and scams in recent years: the promise of returns on an investment of money. The victim receives a link (through social networks, messages or online advertising) that leads them to download an APK and, upon installing it, the application asks for advanced permissions, including access to accessibility functions.

These types of permissions are designed to help people with visual or motor disabilities, but they can also be abused to see what is happening on the screen, simulate keystrokes and write on behalf of the user. If the person accepts these permissions, the malware is able to interact with other applications, read content on the screen and execute actions without the phone’s owner noticing.

How PromptSpy operates and the focus: Argentina

After the user installs the malware, the program has access to multiple dangerous functions. Once active, it can read messages and notifications, steal access credentials and personal data, intercept security verification codes sent by SMS, manipulate banking or digital wallet applications and execute orders on the phone as if it were the user themselves. Basically, a kind of master key to everything the user does on a daily basis.

Clarín contacted Mario Micucci, specialist at the ESET Latin America laboratory, to better understand what PromptSpy is. “This inaugurates a new era for malware on Android. By delegating control of the screen to AI, attackers achieve unprecedented effectiveness in data theft,” says the analyst.

The application has a logo that imitates that of Chase, the trademark of JPMorgan Chase, one of the largest banks in the United States. “The use of the name MorganArg in Argentina reflects a cybercrime that professionalizes its social engineering to attack where it hurts most. Without a doubt, we are facing more dynamic, autonomous and local operations, a definitive warning that the most sophisticated threats at a global level are actively operating in Argentina,” adds Micucci.

As it is not distributed through the official store, the attack depends on the victim agreeing to install applications from “unknown origins”, a practice that considerably increases the user’s risk.

Our country appears as the main focus of this threat. The fake investment app, which presents itself as a legitimate financial opportunity, was flagged as malicious on February 10 on a well-known platform (VirusTotal) that is dedicated to uploading malware samples.

“Our analysis of samples from Argentina revealed a multi-stage malware with a malicious payload that misuses Google’s Gemini. Based on these findings, we named the first stage of this malware PromptSpy dropper [the initial program that installs the main malware] and its payload PromptSpy [the malware],” explains Lukas Stefanko, ESET researcher, in a company blog.

The role of AI in PromptSpy: what’s new

Artificial intelligence plays an important role in the operation of this malicious program: “Specifically, Gemini [Google] is used to analyze the current screen and provide PromptSpy with step-by-step instructions on how to ensure that the malicious app remains pinned to the recent apps list, thus preventing it from being easily removed by the system,” Stefanko describes.

“The AI model and prompt are predefined in the code and cannot be modified. Since Android malware often relies on UI navigation, leveraging generative AI allows threat actors to adapt more or less to any device, design or version of the operating system, which can greatly expand the group of potential victims,” he adds.

Until now, many malicious programs worked with fixed rules: if they detected a specific bank’s app, they executed a predetermined action (for example, copying the password and then trying to log into the user account). In this case, on the other hand, the AI analyzes the context, understands which application is open and generates instructions adapted to each situation.

This is why it is described as the first known malware on Android that “abuses” generative AI for context-sensitive manipulation of the user interface: it uses technology designed to generate text or interpret information, but applies it to automatic control of the phone.

How to protect yourself from PromptSpy

Although the tips to stay safe are always the same, it doesn’t hurt to remember them, starting with the first of all: never install apps from unknown sources, that is, from outside the official store, in this case Google’s.

In this sense, it is important:

  • Download applications only from the official Google Play store.
  • Distrust links that promise quick investments or extraordinary returns.
  • Do not grant accessibility permissions to apps that do not clearly justify it.
  • Review the requested permissions before installing any application.
  • Keep the operating system and apps updated.

In the event of any strange behavior, such as automatic movements on the screen, unusual requests for permissions or abnormal data or battery consumption, it is recommended to uninstall the suspicious app and consult with a specialist. In many cases, it is advisable to reset the device to factory settings.
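
One way to check a phone for the combination described above, an enabled accessibility service owned by an app that did not come from Google Play, using the text output of standard adb commands. This is an added example, not part of the original article or of ESET's analysis; the package names and sample output are constructed placeholders, and treating only Google Play as a trusted installer is an assumption.

```python
# Added example. Audits a phone for the combination the article warns about:
# an enabled accessibility service that belongs to a sideloaded (non-Play) app.
# Feed it the text output of these adb commands:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i   (package plus installer)
#   adb shell pm list packages -s   (preinstalled system packages)
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play; assumption: extend as needed

def parse_services(raw):
    """'pkg/Class:pkg2/Class2' -> [(package, component), ...]."""
    raw = raw.strip()
    if raw in ("", "null"):
        return []
    return [(c.split("/", 1)[0], c) for c in raw.split(":") if "/" in c]

def parse_packages(raw):
    """'package:com.foo  installer=com.bar' lines -> {package: installer or None}."""
    found = {}
    for line in raw.splitlines():
        fields = line.strip().split()
        if not fields or not fields[0].startswith("package:"):
            continue
        installer = None
        for field in fields[1:]:
            if field.startswith("installer=") and field != "installer=null":
                installer = field[len("installer="):]
        found[fields[0][len("package:"):]] = installer
    return found

def risky_services(services_raw, installers_raw, system_raw):
    """Return (component, installer) for non-system services not from a trusted store."""
    installers = parse_packages(installers_raw)
    system = set(parse_packages(system_raw))
    findings = []
    for package, component in parse_services(services_raw):
        if package in system:
            continue  # preinstalled packages often report no installer
        installer = installers.get(package)
        if installer not in TRUSTED_INSTALLERS:
            findings.append((component, installer or "unknown"))
    return findings

# Constructed sample output; package names are placeholders, not real indicators.
SERVICES = ("com.example.screenreader/.ReaderService:"
            "com.example.fakeinvest/com.example.fakeinvest.HelperService")
INSTALLERS = """package:com.example.screenreader  installer=com.android.vending
package:com.example.fakeinvest  installer=null
package:com.example.oemhelper  installer=null"""
SYSTEM = "package:com.example.oemhelper"

if __name__ == "__main__":
    for component, installer in risky_services(SERVICES, INSTALLERS, SYSTEM):
        print(f"REVIEW: {component} (installer: {installer})")
```

A flagged entry is a prompt for manual review, not proof of infection: apps installed from other legitimate stores will also appear unless their installer is added to the trusted set.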

PromptSpy is not the first case of malware using AI. There is a tendency, as in the entire technology industry, for automated processes to also generate malicious software or be exploited in attacks.

The benefits of AI are known but, along with them, comes the counterpart of its risks, where one of the most common is security.

By Editor
