Google Threat Intelligence Group (GTIG) published a May 11, 2026 report documenting ongoing abuse of the Gemini service by criminal and state-sponsored threat actors. PRC-linked group APT27 used Gemini to accelerate development of a network management tool for an operational relay box network configured to route traffic through residential IPs. The ESET-identified Android backdoor PROMPTSPY integrates the Gemini API into an autonomous agent module, sending live UI layouts to Gemini and receiving back tap and gesture coordinates to drive on-device actions, capture biometric inputs, and block uninstallation. GTIG also reported that PRC-linked actors are systematically bypassing AI platform billing controls, including a relay service that pools compromised Gemini, Claude, and OpenAI accounts to distribute access and costs. Google states no PROMPTSPY-containing apps are present on Google Play and that Play Protect mitigates the Android threat; the underlying AI-developed zero-day discussed in the same report did not involve Gemini.
- Google researchers uncover criminal zero-day exploit likely buil(opens in a new tab)
- Google Discovers The First Known Case Of Hackers Using AI To Cre(opens in a new tab)
- Hackers Observed Using AI to Develop Zero-Day for the First Time(opens in a new tab)
- Google Warns Hackers Are Using AI to Create Working Zero-Day Exp(opens in a new tab)
- Google Says Hackers Used AI to Build Zero-Day Exploit(opens in a new tab)
- Google reports first known AI-assisted zero-day exploit in the w(opens in a new tab)