State‑Sponsored AI Hacks: How Nations Turned Gemini Into a Phishing Fairy Godmother

18 February 2026 by TechStora Editorial Board

Google’s “Cute” AI is Now a State‑Sponsored Scam Factory

Nothing says "we care about safety" like watching nation‑state actors turn Gemini into a digital Pied Piper. Instead of cute doodles, we get AI‑crafted phishing emails that could convince your grandma to hand over her crypto wallet. Red Flag: the same model that suggests dinner recipes now drafts espionage dossiers.

What the “fix” looks like (spoiler: more AI)

Google’s response? Disable a few rogue accounts and sprinkle extra guardrails on the model. In practice, that’s like putting a tiny lock on a bank vault while the thieves are already inside. The real remedy would need a fundamental rethink, but the press release prefers a PR‑friendly pat‑on‑the‑back.

While we’re at it, let’s compare this to Generative AI hype cycles: every new scare ends with the same “we’re training better filters” mantra, as if a better spam folder will stop a missile launch.

Feature: AI‑Generated Reconnaissance

APT42 and UNC2970 use Gemini to auto‑fill LinkedIn profiles, translate slang, and sound like a local. The result? Phishing lures that bypass the usual grammar‑check red lights. Red Flag: the AI’s ability to sound human is now weaponized, turning every email inbox into a potential battlefield.

Think of it as hiring a copy‑writer who never sleeps, never asks for a raise, and never cares about ethics.

Feature: Model Extraction “Distillation”

Enter the Model Extraction hustle: bad actors dump 100,000 prompts at Gemini just to siphon its reasoning pathways. It’s the AI equivalent of stealing the secret sauce by asking for the recipe a million times. Red Flag: corporate IP is being scraped faster than a teenager downloads memes.

Meanwhile, the defenders watch the logs and sigh, “we’ll patch it tomorrow.”
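
What watching those logs can look like in practice, as an added example that is not from Google or the original article: it flags accounts that send a high volume of prompts while almost all of them share one template. The record format, the account names and both thresholds are assumptions, and the sample log is constructed.

```python
import itertools
import re
from collections import Counter, defaultdict

def skeleton(prompt):
    """Collapse variable parts so templated prompts map to one shape."""
    s = re.sub(r"\d+", "<n>", prompt.lower())
    s = re.sub(r'"[^"]*"', "<q>", s)
    return re.sub(r"\s+", " ", s).strip()

def flag_extraction(records, min_prompts=1000, max_shape_ratio=0.05):
    """Flag accounts with many prompts but very few distinct prompt shapes.

    records: iterable of (account_id, prompt_text) pairs (assumed log format).
    Both thresholds are illustrative assumptions, not published values.
    """
    shapes = defaultdict(Counter)
    for account, prompt in records:
        shapes[account][skeleton(prompt)] += 1
    flagged = {}
    for account, counter in shapes.items():
        total = sum(counter.values())
        ratio = len(counter) / total
        if total >= min_prompts and ratio <= max_shape_ratio:
            flagged[account] = {
                "prompts": total,
                "shapes": len(counter),
                "top_shape": counter.most_common(1)[0][0],
            }
    return flagged

def sample_records():
    """Constructed log: one templated bulk account, one busy but varied user."""
    recs = [("acct-bulk", f"Solve problem {i} and explain every reasoning step")
            for i in range(2000)]
    verbs = ["explain", "summarize", "translate", "critique", "outline", "rewrite",
             "compare", "draft", "review", "simplify", "expand", "proofread"]
    topics = ["a tax form", "a soup recipe", "a cover letter", "a lease",
              "a poem", "a bug report", "a speech", "a syllabus", "a menu", "a memo"]
    tones = ["briefly", "formally", "casually", "for a child", "for an expert",
             "in bullet points", "in one line", "with examples", "politely", "bluntly"]
    recs += [("acct-varied", f"{v} {t} {s}")
             for v, t, s in itertools.product(verbs, topics, tones)]
    recs += [("acct-casual", "What should I cook tonight?")] * 3
    return recs

if __name__ == "__main__":
    for account, stats in flag_extraction(sample_records()).items():
        print(account, stats)
```

Volume alone would also flag the busy but varied account; pairing it with shape concentration is what separates templated bulk querying from heavy ordinary use.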

Feature: AI‑Integrated Malware (HONESTCUE)

HONESTCUE talks to Gemini, asks it for C# snippets, compiles them in memory, and disappears like a magician’s rabbit. No files, no signatures—just pure, AI‑driven mayhem. Red Flag: traditional antivirus tools are left staring at an empty screen while the payload runs in RAM.

It’s as if the malware took a coding bootcamp from a chatbot and graduated with honors.

Bottom line: more AI, fewer guarantees. If you’re hoping Google’s “new safeguards” will stop a nation‑state, you might as well trust a toddler with the car keys.