Your phone’s screen is being studied by malware in real time—AI-powered threats are learning how to outsmart users and security tools alike.
ESET researchers discovered PromptSpy, the first Android malware using generative AI to analyze screen activity and evade closure by pinning itself in recent apps lists. This screen-reading capability allows the malware to adapt its behavior based on user interactions, making it harder to detect and remove.
Lukáš Štefanko, ESET senior malware researcher, noted:
"We expect that the appetite of threat actors for exploiting NFC technology will continue to grow in 2026..."
Meanwhile, NGate and RatOn malware now include contact harvesting and automated transfer system (ATS) capabilities to facilitate NFC-based ATM fraud. These multi-stage scams leverage AI to refine their tactics, with ESET telemetry showing 87% growth in NGate detections between H1 and H2 2025.
Nomani deepfake scams, which use AI-generated likenesses of figures like Elon Musk in phishing ads, grew by 62% year-over-year in 2025.
ESET Mobile Security now includes AI-powered antimalware, anti-phishing, and payment protection to counter these evolving threats, though its effectiveness remains tied to the speed of threat intelligence updates.
Source: Eset | Threatfabric