An innocent-looking AI image-generation tool turned out to be the tip of the iceberg of an entirely new era in cyberattacks.
-
The software is called PROMPTSTEAL, and it was exposed by Google's cybersecurity research team in a report published a few days ago.
What makes this tool remarkable is that it contains no attack code whatsoever prior to installation — which makes it extremely difficult to identify as malware.
Instead of embedding malicious code, the software analyzes the system on which it is installed, sends a request to an AI model to generate custom scripts tailored to that environment, and uses those scripts to harvest data from the compromised machine.
-
Researchers have linked this malware to the Russian military intelligence agency, which deployed it in the war in Ukraine.
It is one of five new malware families described in the study that leverage artificial intelligence in the attack process — including one that uses Gemini to rewrite its own source code every hour.
-
Malware detection is often carried out by analyzing software before installation and identifying characteristic malware signatures.
The fact that this software only becomes malware — with AI assistance — after it is already installed makes timely detection extremely difficult.
This is the first documented case of active malware of this kind, and it is a warning signal that demands emergency preparedness from both the business and government sectors before it is too late.
-
I covered this malware as part of a broader opinion piece I wrote on the subject, published on Channel 10.
The column describes a new era in cybersecurity — one in which AI tools battle each other across the internet while the human factor has been reduced to a secondary player. It examines the various attack vectors in which artificial intelligence plays a role, and the urgent need for government investment in adequate defenses.
If you work in cybersecurity, or are simply curious, you are welcome to read the full column.
--
👋 Hi, I'm Shlomo Strauss — follow me for more content on science and technology.