Overview
- GTIG says PromptSteal, a Python data‑miner used in operations against Ukrainian targets, queries a Qwen model via Hugging Face to generate one‑line Windows commands for collection and exfiltration.
- PromptFlux, an experimental VBScript dropper with a “Thinking Robot” module, calls Gemini to rewrite and obfuscate its own code, and Google has cut off its API access and removed related assets.
- Other AI‑enabled families highlighted include FruitShell, a PowerShell reverse shell with prompts to evade LLM‑based analysis; QuietVault, a JavaScript credential stealer targeting GitHub/NPM tokens; and PromptLock, a proof‑of‑concept ransomware.
- Researchers detail safety‑filter bypasses using CTF or student pretexts to elicit exploit guidance, and Google says model safeguards and classifiers have been reinforced to block these tactics.
- While Google warns a growing underground market is offering AI tools for phishing, malware development and vulnerability research, independent analyses note most observed samples remain nascent and are often detectable today.