Hackers use Gemini to target you, Google says

Google says hackers are abusing Gemini to accelerate cyber attacks, and this isn’t limited to cheap phishing spam. According to a new Google Threat Intelligence Group report, state-backed groups used Gemini in multiple phases of an operation, from early target research to post-compromise work.

The activity includes clusters linked to China, Iran, North Korea and Russia. Google says the prompts and outputs it observed involved profiling, social engineering copy, translation, coding assistance, vulnerability testing and debugging when tools break during a breach. Quick help with routine tasks can still change the outcome.

AI assistance, same old playbook

Google researchers see the use of AI as acceleration, not magic. Attackers are already conducting reconnaissance, setting up lures, modifying malware, and fixing bugs. Gemini can tighten that loop, especially when operators need quick rewrites, language support, or code fixes under pressure.

The report details activities related to China, where an operator hired a cybersecurity expert and pushed Gemini to automate vulnerability analysis and produce targeted test plans in a fabricated scenario. Google also says that a China-based actor has repeatedly used Gemini for debugging, research and technical guidance related to intrusions. It’s less about new tactics, more about fewer speed bumps.

The risk is not just phishing

The big shift is the pace. If groups can iterate on targeting and tooling more quickly, defenders will have less time between early signals and real damage. That also means fewer obvious pauses where errors, delays, or repetitive manual work can show up in logs.

Google also identifies another threat that looks nothing like classic scams: model extraction and knowledge distillation. In that scenario, actors with authorized API access hammer the system with prompts to replicate how it performs and reasons, then use that knowledge to train another model. Google sees it as commercial and intellectual property harm, with potential downstream risk if it scales up, and cites an example involving 100,000 prompts aimed at replicating behavior on non-English language tasks.

What to watch next

Google says it has disabled accounts and infrastructure associated with documented Gemini abuse, and added targeted defenses to Gemini’s classifiers. It also says it continues testing and relies on safety guardrails.

For security teams, the practical starting point is to assume that AI-enabled attacks will be faster, not necessarily smarter. Track sudden improvements in lure quality, faster tooling iteration, and unusual API usage patterns, then tighten response runbooks so that speed doesn’t become the attacker’s biggest advantage.
