Government hackers are exploiting Google's Gemini AI, raising alarms over cybersecurity. Learn how AI misuse is accelerating global cyber threats

Continue reading
The lines between innovation and exploitation are blurring in this fast-evolving world of artificial intelligence (AI). What was once a tool for scientific advancement is now being weaponized in the world of cyber warfare. As governments scramble to deploy the power of AI, a darker, more concerning reality is emerging: state-backed threat actors are leveraging AI-powered tools to augment their cyberattacks, amplifying the scale, speed, and sophistication of their operations.
The latest revelations from Google’s Threat Intelligence Group (GTIG) and cybersecurity firm KELA paint a chilling picture of AI’s role in cybersecurity breaches, with generative AI tools like Google Gemini and DeepSeek increasingly exploited by advanced persistent threat (APT) groups across the globe. The rapid integration of these AI models into the cyber threat landscape presents not only immediate challenges but also long-term risks for the security of governments, businesses, and individuals.
Artificial intelligence has emerged as a game-changer in the cybersecurity world, with both defenders and attackers exploiting its vast capabilities. On the one hand, AI is aiding defenders by improving threat detection, automating incident responses, and identifying vulnerabilities at unprecedented speeds. On the other hand, cybercriminals—especially government-backed APT groups—are using AI to bolster their cyber espionage and data theft capabilities.
Recent research has uncovered the alarming extent to which state-sponsored actors are utilizing generative AI for nefarious purposes. Google’s findings have highlighted that APT groups from more than 20 countries, including Iran, China, North Korea, and Russia, are experimenting with Gemini, a cutting-edge AI model developed by Google, to streamline various stages of the cyberattack lifecycle. What’s most striking is that these threat actors are not just using AI for conventional tasks such as malware creation or code injection but are leveraging AI for more strategic functions like reconnaissance, intelligence gathering, privilege escalation, and social engineering.
The use of AI by cyber threat actors represents a quantum leap in the nature of cyber threats. The integration of generative AI into the cyber-attack process is enabling adversaries to conduct more sophisticated operations with a much higher success rate. Threat actors are not merely trying to bypass traditional defense mechanisms—they are now using AI to improve their operational efficiency, craft customized phishing attacks, develop malware at scale, and exploit vulnerabilities more quickly and effectively than ever before.
In the case of Google Gemini, this AI model is being used by APT groups to perform complex research tasks, from analyzing publicly disclosed vulnerabilities to gaining insight into the target organizations' infrastructure and operational details. These capabilities allow attackers to plan targeted operations and develop customized exploits based on real-time intelligence extracted from the victim’s digital ecosystem.
Iranian-backed APT groups have been among the heaviest users of Gemini, employing the tool for a variety of offensive tasks. The Iranian APT actors have leveraged Gemini to conduct in-depth research into defense organizations, vulnerabilities, and military technologies, while also using it to generate content for influence campaigns and phishing attacks. Their efforts have been particularly focused on exploiting UAV (unmanned aerial vehicles) and missile defense systems, as well as leveraging AI to enhance the efficiency of their cyber warfare strategies.
Gemini has enabled APT42, one of Iran’s most active APT groups, to craft malicious content with precision, conduct in-depth reconnaissance, and synthesize research on sensitive issues like the Iran-Israel proxy conflict. The AI tool also helped the group to localize content and generate reports with a specific tone, including targeted content designed to influence geopolitical opinions.
Chinese APT groups have also heavily engaged with Gemini to support a variety of cyber espionage and surveillance operations. These groups primarily use Gemini for researching vulnerabilities in military and governmental networks, while simultaneously developing scripts to facilitate lateral movement and privilege escalation within compromised systems.
China-backed actors have been particularly focused on using Gemini to research and analyze publicly available information on US military infrastructure, target organizations, and network defense strategies. With Gemini’s assistance, these actors are able to generate sophisticated scripts that support data exfiltration and evade detection, significantly enhancing their cyber espionage capabilities.
North Korean APT actors have deployed Gemini to support multiple phases of their attack lifecycle, including malware development, payload creation, and evading defense mechanisms. Gemini has played a crucial role in automating malware scripting, generating phishing campaigns, and researching exploitation techniques to compromise systems.
In one particularly alarming instance, North Korean actors used Gemini to draft cover letters and job proposals as part of their ongoing efforts to infiltrate Western organizations by placing clandestine IT workers under false identities. This highlights how AI tools like Gemini are facilitating covert operations and assisting APT groups in bypassing traditional recruitment and intelligence-gathering barriers.
While Russian APT groups have shown more limited engagement with Gemini compared to their Iranian and Chinese counterparts, their use of AI has been strategic. Russian-backed threat actors primarily used Gemini for content creation, including rewriting malware into different programming languages and adding encryption functions to their exploits. Despite their limited use, the focus on payload crafting underscores the adapting sophistication of Russia’s cyber strategies in the digital warfare landscape.
Despite the robust safety measures in place, APT groups are continuously experimenting with jailbreaks and security bypass techniques to manipulate AI models like Gemini for malicious purposes. These actors have attempted to rephrase prompts, use publicly available jailbreak prompts, and re-engineer AI responses to bypass Gemini’s safety safeguards.
However, Google’s security measures, including adversarial training, input validation, and prompt sanitization, have successfully blocked these efforts. Despite this, the attempts to exploit Gemini for malicious activities demonstrate the high stakes and growing concerns surrounding AI security.
As AI continues to evolve, the cybersecurity landscape will be increasingly influenced by AI-driven capabilities. Generative AI models like Gemini represent both a powerful tool for defenders and a potential weapon for cyber adversaries. While AI’s positive potential in strengthening security is undeniable, it is equally clear that without proper safeguards, it can be manipulated by malicious actors to carry out advanced cyberattacks.
The integration of AI into cyber defense systems has already begun to transform how organizations approach digital threats, enabling faster detection and response times. However, as we’ve seen, adversaries are not far behind in leveraging AI for offensive purposes. To address these evolving threats, collaboration among governments, private sectors, and international organizations is crucial in creating global frameworks that safeguard AI development and deployment.
At Google, we remain committed to providing responsible AI solutions, continuously enhancing our AI models to mitigate misuse and sharing our findings to raise awareness about emerging threats. We believe that cybersecurity should be proactive rather than reactive, focusing on preventing threats before they materialize.

U.S. Army recruiting pages hijacked to display fake 404 errors reading ‘Kurdistan’, exploiting a third-party tool and exposing .mil web security gaps.