cd /news/ai-safety/russian-cybercriminal-used-jailbroke… · home topics ai-safety article
[ARTICLE · art-62008] src=helpnetsecurity.com ↗ pub= topic=ai-safety verified=true sentiment=↓ negative

Russian cybercriminal used jailbroken Gemini CLI to rebuild botnet infrastructure in six minutes

A Russian-speaking threat actor known as 'bandcampro' used a jailbroken Gemini CLI, Google's open-source AI agent, to deploy and operate a command-and-control botnet that compromised eight computers at a dental clinic and accessed its OpenDental database, according to Trend Micro. The actor conducted over 200 sessions between March 19 and April 21, 2026, rebuilding botnet infrastructure in as little as six minutes.

read1 min views1 publishedJul 16, 2026

A Russian-speaking threat actor known as “bandcampro” used a jailbroken Gemini CLI, Google’s open-source terminal-based AI agent, to deploy and operate a small command-and-control (C2) botnet, according to Trend Micro. Operational overview (Source: Trend Micro) In more than 200 sessions between March 19 and April 21, 2026, the threat actor worked with Gemini to deploy and operate infrastructure that controlled eight computers inside a dental clinic and gain access to the clinic’s OpenDental database. Posing … More

The post Russian cybercriminal used jailbroken Gemini CLI to rebuild botnet infrastructure in six minutes appeared first on Help Net Security.

── more in #ai-safety 4 stories · sorted by recency
── more on @bandcampro 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/russian-cybercrimina…] indexed:0 read:1min 2026-07-16 ·