- Russian hacker “bandcampro” used Google’s Gemini CLI to control a botnet of eight devices at a dental clinic.
- The attacker tricked the AI into posing as a pen tester, asking it to migrate C2 infrastructure, troubleshoot connectivity, and prepare payload batches.
- AI has made everyday operations like finding passwords and accessing WordPress easier, highlighting the risks of misuse when malicious actors co-opt AI tools.
A Russian hacker and his AI companion managed to control a miniature botnet made up of eight systems, with the hacker giving instructions in conversational language and the AI doing what it wanted, experts have found.
By analyzing 200 session logs obtained from the Russian-speaking threat actor known as “bandcampro,” Trend Micro cybersecurity researchers saw the hacker using Google’s Gemini CLI, an open-source AI command-line tool that allows developers to interact with Google’s Gemini AI models directly from a terminal.
By going through a month of session logs (between April 21 and May 19, 2026), researchers discovered that the attacker had tricked the AI into telling it that he was an “authorized write tester.” Although the AI has mostly complied with its nefarious overlord, it has refused orders on at least one occasion.
Gone in six minutes
Trend Micro discovered that the hacker controlled eight devices belonging to a dental clinic and sought access to their OpenDental database.
Using AI, bandcampro achieved a number of things, starting with migrating the botnet to a new C2 infrastructure. He gave the AI a skills file containing the complete architecture description, standard operating procedures, infection description, persistence commands, and troubleshooting steps.
He then asked it to “study C2 migration”, which asked the AI to process the guide and prepare all the necessary code and steps. It took about six minutes for the tool to do the job.
“The AI read the migration guide, then prepared a migration package, a small archive of the server code, payloads, and skills file. She then unzipped the package, launched the C&C server on a VPS, and displayed the Cloudflare tunnel,” explains Trend Micro.
Bandcampro then used AI to troubleshoot connectivity issues, as well as for various day-to-day operations, such as guessing passwords, generating plausible variations of existing passwords for WordPress portals, and much more.
Via BeepComputer

The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.




