AI-Driven Phishing Exploits Device Permissions And Exfiltrates Data

Cyble Research & Intelligence Labs in early 2026 uncovered an AI-driven phishing campaign that uses tailored social engineering to trick users into granting camera, microphone, and system permissions. Generative-model–assisted scripts mimic human timing, escalate privileges gradually, and stream photos, audio, device fingerprints and contacts to attacker-controlled Telegram bots, enabling stealthy, scalable data exfiltration without traditional credential theft.
Key Points
- 1Uses AI-assisted social engineering to obtain camera, microphone, and system permissions without credential theft
- 2Leverages generative-model timing and phrasing to adaptively blend prompts, increasing stealth and evading static defenses
- 3Enables large-scale, real-time exfiltration via Telegram bots, requiring permission-hardened UI controls and monitoring
Scoring Rationale
High novelty and credible vendor reporting, but limited technical depth and uncertain cross-ecosystem scope.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems
