A Russian-speaking threat actor allegedly used a jailbroken version of Google Gemini to support a long-running cyber fraud operation involving stolen administrator credentials, compromised cryptocurrency wallets, Telegram-based propaganda channels and AI-generated password lists, according to a cyber investigation.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
The actor, tracked under the alias “bandcampro,” is accused of running a coordinated influence and fraud operation since 2021. Investigators said the accused created a fake online identity portraying himself as an American patriot and military supporter while operating a Telegram channel with nearly 17,000 followers.
AI System Allegedly Manipulated Through Jailbreak Method
One of the key findings in the investigation involved the alleged misuse of Google Gemini CLI through a persistent jailbreak technique. Researchers said the actor gradually manipulated the AI system by presenting himself as an “authorized pentester” and storing custom instructions inside a memory file known as “GEMINI.md.”
The report said these instructions were inherited automatically across multiple sessions, allegedly allowing the attacker to bypass ethical restrictions and safety warnings repeatedly. Investigators also noted that Russian-language prompts were frequently used to weaken filtering systems and avoid automated safeguards.
Researchers said the compromised AI workflow was allegedly used to support password generation, command-and-control infrastructure, automated propaganda campaigns and cryptocurrency-related scams. The case has raised concerns over the misuse of AI tools in cybercrime, particularly when safety controls are bypassed through repeated prompting and stored instructions.
Password Attacks and Propaganda Pipeline Under Lens
The investigation also identified a Python-based automation pipeline named “Quantum Patriot,” which was reportedly designed to generate politically charged content automatically. Analysts said the system converted mainstream news stories into conspiracy-themed narratives and scheduled posts according to US Eastern time zones to make the online activity appear authentic.
Researchers further alleged that Gemini 2.5 Flash was weaponized to assist in password attacks. The attacker reportedly fed victim email addresses and contextual personal data into the AI model, which generated multiple password combinations using names, years, keyboard patterns, case variations and symbol substitutions.
Using these methods along with stolen credential databases, the actor allegedly compromised 29 WordPress administrator accounts belonging to businesses, legal offices and medical entities. Investigators said the use of AI-generated password lists made the operation more efficient and reduced the cost of running repeated attacks.
Crypto Wallet Malware and Wider Fraud Trail
Another major finding involved a trojanized cryptocurrency wallet installer called “StellarMonSetup.exe.” The file was promoted online as a secure self-custody crypto wallet offering bonus rewards, but investigators said it functioned as a remote administration tool after installation.
Once activated, the malware reportedly enabled clipboard capture, remote file control and credential harvesting. Investigators confirmed that at least one victim suffered a complete cryptocurrency wallet compromise after a 12-word recovery phrase and multiple blockchain wallet addresses were stolen.
Cyber crime expert and former IPS officer Prof. Triveni Singh warned that AI-assisted cybercrime could become more dangerous because a single individual can now automate tasks that earlier required an organized criminal network. Security agencies and cyber researchers are continuing to examine associated Telegram bots, suspicious IP addresses and linked infrastructure connected to the operation.
