Google Uncovers the First Self-Rewriting AI Malware: Promptflux
2025-11-06
London, 6 November 2025
Google has confirmed the discovery of Promptflux, the first known case of malware that uses artificial intelligence to rewrite its own code while carrying out cyberattacks.
The company’s Threat Analysis Group (TAG) said the program represents a new phase in cybersecurity — one where attackers and defenders are now both using AI.
🧠 A Malware That “Thinks”
Unlike traditional viruses that rely on fixed code, Promptflux interacts with large language models during its attack process.
Security analysts found that it queries an AI system similar to Google’s Gemini chatbot, asking for suggestions on how to modify itself to evade antivirus detection.
It then rewrites parts of its source code based on those answers, creating new variants every hour and making signature-based protection nearly useless.
This ability to regenerate its structure makes Promptflux what experts call “self-evolving malware”, capable of adapting faster than conventional security systems can respond.
⚠️ From Experiment to Active Use
TAG’s report also identified another program, Promptsteal, which has been deployed by the Russian state-sponsored hacking group APT28 (Fancy Bear) against Ukrainian organisations.
Promptsteal uses generative AI models to compose new attack scripts on demand, confirming that AI-enabled hacking has moved beyond laboratory tests into real-world operations.
Researchers warn that groups in China, Iran, and North Korea are experimenting with similar tactics, suggesting that the misuse of AI tools is becoming a global security issue.
🛡️ Google’s Response
Google said none of its internal systems were compromised.
The company has suspended all accounts and cloud assets linked to these operations and has strengthened Gemini’s internal safety filters to prevent models from being manipulated into generating malicious code.
TAG is now working with international agencies to monitor AI-based threat activity and share indicators of compromise across the industry.
🧩 FLASHOP Editorial Perspective
The discovery of Promptflux marks a turning point.
“AI is no longer only a tool for innovation — it’s now part of the battlefield.”
As companies race to integrate AI into everyday operations, security teams must also evolve their defences.
For businesses and digital platforms like FLASHOP, this means adopting behaviour-based detection, stricter API monitoring, and proactive AI-safety audits to stay ahead of adaptive threats.
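As an added illustration of the behaviour-based detection and API monitoring mentioned above (example code written for this page, not taken from Google's report or any product): the sketch below scans egress logs for processes outside an allowlist that contact a generative-AI API, and marks callers whose requests recur at the roughly hourly cadence described for Promptflux. The log format, host list, process names and thresholds are all assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Assumption: generative-AI API hosts to watch; extend for your environment.
LLM_API_HOSTS = {"generativelanguage.googleapis.com"}
# Assumption: processes approved to call those APIs (hypothetical names).
APPROVED_PROCESSES = {"chrome.exe", "approved-ai-client.exe"}

# Constructed sample egress log, one event per line:
# "timestamp host process destination"
SAMPLE_LOG = """\
2025-11-06T09:00:12 ws-014 chrome.exe generativelanguage.googleapis.com
2025-11-06T09:02:40 ws-022 updater.exe generativelanguage.googleapis.com
2025-11-06T09:15:03 ws-014 outlook.exe mail.example.com
2025-11-06T10:02:41 ws-022 updater.exe generativelanguage.googleapis.com
2025-11-06T11:02:39 ws-022 updater.exe generativelanguage.googleapis.com
2025-11-06T11:30:00 ws-031 python.exe generativelanguage.googleapis.com
"""

def parse(log_text):
    """Yield (timestamp, host, process, destination) from well-formed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of failing the whole scan
        ts, host, proc, dest = parts
        yield datetime.fromisoformat(ts), host, proc.lower(), dest.lower()

def find_unapproved_llm_callers(log_text, period_s=3600, tolerance_s=120):
    """Return {(host, process): {"calls": n, "periodic": bool}} for callers
    that reach an LLM API host without being on the approved list."""
    calls = defaultdict(list)
    for ts, host, proc, dest in parse(log_text):
        if dest in LLM_API_HOSTS and proc not in APPROVED_PROCESSES:
            calls[(host, proc)].append(ts)
    findings = {}
    for key, stamps in calls.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        # Periodic: at least three calls, every gap close to the expected period.
        periodic = len(gaps) >= 2 and all(
            abs(g - period_s) <= tolerance_s for g in gaps)
        findings[key] = {"calls": len(stamps), "periodic": periodic}
    return findings

if __name__ == "__main__":
    for (host, proc), info in find_unapproved_llm_callers(SAMPLE_LOG).items():
        print(host, proc, info)
```

Because this rule keys on which process talks to the API and how often, it keeps working when the file's contents change between variants, which is the case signature matching misses.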