AI has been up to some naughty things in the past few years. From ignoring copyright to producing pretty awful approximations of games, to being exploited to lock down your machine. It seems like, as AI gets smarter, it only gets easier to use in malicious ways. One piece of malware has even been spotted using AI to rewrite itself to avoid detection. Spooky stuff.
Google has recently warned "adversaries are no longer leveraging artificial intelligence (AI) just for productivity gains, they are deploying novel AI-enabled malware in active operations".
The report (via Bleeping Computer) says that, for the first time, Google "discovered a code family that employed AI capabilities mid-execution to dynamically alter the malware’s behaviour."
If you're worried about the potential of this tech (same), Google says DeepMind has used insights gained from the malware to strengthen security, both with "Google’s classifiers and the model itself." Reportedly, this should mean that the model refuses to help malware with these kinds of attacks going forward. AI fighting AI. So it begins.
Naturally, AI being so broad and having so many applications does often mean it's exploitable, and it wouldn't be the first time someone has got AI to act against its reported purpose.
In its latest report, Google has identified four other cases of AI malware that have popped up in 2025. They are:
- Fruitshell: Establishes a remote connection which can execute arbitrary commands on a compromised system. This is designed to evade detection from LLM-powered security
- Promptlock: This can use an LLM to generate and execute malicious scripts. It can extract data, encrypt files, and do "filesystem reconnaissance", though it's still experimental (this one was spotted a few months ago)
- Promptsteal: A data miner that uses an API to query an LLM to generate one-line commands. Those commands may then collect information and steal from documents
- Quietvault: A credential stealer that grabs data and puts it into a publicly accessible GitHub repository. This uses AI to search infected PCs and "search for other potential secrets"
Google says, "This marks a new operational phase of AI abuse, involving tools that dynamically alter behaviour mid-execution", and it's certainly worrisome to think of how smart these tools can get in the wrong hands.
Despite these worries, Google does clarify that its approach to AI must be "both bold and responsible", and publicly acknowledging both malware using its services and its response to said malware feels like a good step. Still, the idea of malware rewriting itself to avoid being caught is a little too close to fiction for comfort. Next, we just need a malware detector that also rewrites itself, and we can have the two fight it out for control of the game saves and terabytes of animal pictures on my gaming rig.
1. Best gaming laptop: Razer Blade 16
2. Best gaming PC: HP Omen 35L
3. Best handheld gaming PC: Lenovo Legion Go S SteamOS ed.
4. Best mini PC: Minisforum AtomMan G7 PT
5. Best VR headset: Meta Quest 3
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
