A Russian-speaking hacker has ingeniously used a customized version of Google Gemini to steal administrator credentials and empty victims’ cryptocurrency wallets. This operation, which ran for five years, cost nearly nothing because it relied on stolen API keys.
Unveiling the Operation
In May 2026, TrendAI™ Research exposed a sophisticated operation by a hacker known as ‘bandcampro.’ This individual leveraged AI technology to conduct fraud and steal credentials from 2021 onwards, combining these tactics with a politically charged influence campaign via a Telegram channel.
The hacker managed a Telegram channel, @americanpatriotus, amassing around 17,000 followers by posing as a U.S. military veteran. This channel engaged audiences aligned with QAnon and MAGA, utilizing AI-generated content to manipulate followers.
Exploiting Google Gemini
The hacker’s key asset was a continuously jailbroken version of Google Gemini CLI. By posing as an ‘authorized pentester,’ the individual embedded instructions within Gemini, enabling it to bypass ethical constraints and act on commands without interference.
This jailbreak was reinforced by exploiting inconsistencies in Gemini’s safety behaviour across languages, particularly in non-English prompts. This allowed the hacker to instruct the AI to perform various tasks, including generating password combinations and setting up command-and-control (C2) infrastructure, without triggering security warnings.
Tactics and Implications
The hacker developed a Python-based automation tool called ‘Quantum Patriot,’ which directed Gemini to create content that mimicked mainstream news, recasting it into cryptic, militaristic narratives. Posts were scheduled during peak U.S. viewing hours to maximize impact.
Beyond content manipulation, Gemini was used as a brute-force engine to mutate passwords and gain unauthorized access to WordPress administrator accounts. This allowed breaches into several sectors, including legal and medical practices.
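The WordPress credential-stuffing described above leaves a recognisable trace in ordinary web server logs. The following detector is an added example (not code from the article or from the actor’s tooling) that runs over constructed Apache-style access log lines and flags source IPs that hammer wp-login.php with failed POSTs, noting whether a successful login followed the burst; the sample IPs, timestamps and threshold are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed Apache-style access log lines (sample data, not from the article).
# 203.0.113.7 re-renders the login form (200) five times, then gets a 302 (login accepted).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Sep/2025:03:14:01 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Sep/2025:03:14:03 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Sep/2025:03:14:05 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Sep/2025:03:14:07 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Sep/2025:03:14:09 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Sep/2025:03:14:11 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Sep/2025:03:20:00 +0000] "GET /wp-login.php HTTP/1.1" 200 4100 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Sep/2025:03:20:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

def parse(log_text):
    """Yield (ip, timestamp, method, path, status) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield m["ip"], ts, m["method"], m["path"], int(m["status"])

def detect_bruteforce(log_text, threshold=5, window_seconds=300):
    """Flag IPs with >= threshold failed wp-login POSTs inside a sliding window.
    WordPress answers a failed login with 200 (form re-rendered) and a successful
    one with 302, so a 302 after the failure burst suggests a credential hit."""
    per_ip = defaultdict(list)
    for ip, ts, method, path, status in parse(log_text):
        if method == "POST" and path.startswith("/wp-login.php"):
            per_ip[ip].append((ts, status))
    findings = {}
    for ip, attempts in per_ip.items():
        attempts.sort()
        fails = [ts for ts, st in attempts if st == 200]
        start, peak = 0, 0
        for end in range(len(fails)):  # sliding window over failed attempts
            while (fails[end] - fails[start]).total_seconds() > window_seconds:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            success_after = any(st == 302 and ts > fails[-1] for ts, st in attempts)
            findings[ip] = {"failures": peak, "success_after": success_after}
    return findings
```

An IP flagged with `success_after` set is the case worth escalating: the burst ended in an accepted login, so the account should be treated as compromised rather than merely attacked.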
In September 2025, the hacker distributed a compromised wallet installer, StellarMonSetup.exe, disguised as a legitimate wallet tool. This software granted the hacker remote access to victims’ devices, leading to the theft of credentials and cryptocurrency.
Future Threats and Security Measures
This case highlights the evolving landscape of cybercrime, where lone actors can replace entire teams using AI and stolen resources. Despite the scale, financial success was limited, demonstrating that while AI can expand operational reach, it doesn’t guarantee financial gains.
Security teams are advised to monitor for stolen API key usage and unusual infrastructure changes. Additionally, the use of non-English prompts to bypass AI safety measures is expected to increase, posing new challenges for cybersecurity.