- Russian hacker “bandcampro” used Google’s Gemini CLI to control an eight-device botnet at a dental clinic
- The attacker tricked the AI by pretending to be a pen tester and instructing it to migrate C2 infrastructure, troubleshoot connectivity and prepare payload bundles
- AI assisted with day-to-day operations like guessing passwords and WordPress access, highlighting risks of misuse when threat actors adopt AI tools
A Russian hacker and his AI companion were able to successfully control a miniature botnet of eight systems, with the hacker giving instructions in a conversational language and the AI doing its bidding, experts have found.
Analyzing 200 session logs from the Russian-speaking threat actor known as “bandcampro,” cybersecurity researchers Trend Micro saw the hacker using Google’s Gemini CLI, an open source AI command-line tool that lets developers interact with Google’s Gemini AI models directly from a terminal.
By looking through a month’s worth of session logs (between April 21 and May 19, 2026), the researchers discovered that the attacker tricked the AI into telling it they were an “authorized pen tester.” While the AI mostly obeyed their sinister overlord, they defied orders on at least one occasion.
Gone in six minutes
Trend Micro found that the hacker controlled eight devices belonging to a dental clinic and sought to access their OpenDental database.
Using AI, bandcampro did a number of things, starting with migrating the botnet to a new C2 infrastructure. He provided the AI with a skills file with the full architecture description, standard operating procedures, infection one-liners, persistence commands, and troubleshooting steps.
He then asked it to “study the C2 migration”, which prompted the AI to process the wizard and prepare all the code and necessary steps. It took the tool about six minutes to get the job done.
“The AI read the migration guide and then prepared a migration package, a small archive of server code, payload, and the skills file. It then unzipped the bundle, launched the C&C server on a VPS, and brought up the Cloudflare tunnel,” Trend Micro says.
Bandcampro then used AI to troubleshoot connection issues as well as for various day-to-day operations such as guessing passwords, generating plausible variants of existing passwords for WordPress portals, and more.
Via Bleeping Computer

The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.



