[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$ftzNeo0ZGdzIh6K8DrqUxS_Jkn6K7UQLpZJKeJ_FCqHg":3},{"article":4,"iocs":52},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":29,"category":30,"article_tags":34},"4c46f101-e104-4870-b6f2-ffa09d196ffd","Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing","google-sues-chinese-smishing-network-accused-of-using-gemini-ai-in-phishing-8f8a91","Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant. \"The operation weaponized Gemini to help","Google has filed a lawsuit against a Chinese cybercrime network accused of using its Gemini AI to generate phishing pages and conduct large-scale smishing attacks. The network operates a phishing-as-a-service (PhaaS) kit called Outsider, which allows threat actors to create fraudulent websites and send fake text messages impersonating legitimate brands. Google is collaborating with major US carriers to block these messages.","Google sues Chinese smishing network using Gemini AI to generate phishing pages.","Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing Ravie LakshmananJun 12, 2026Cybercrime \u002F Artificial Intelligence Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant. \"The operation weaponized Gemini to help generate fraudulent phishing pages and deploy massive SMS phishing ('smishing') attacks, often through text messages impersonating legitimate brands, alerting recipients of 'brokerage account issues' or insisting they are eligible for 'rewards through their mobile phone carrier,'\" Google said. \"The texts prompt users to click a link leading to a fraudulent website that mimics trusted institutions to steal personal and financial information.\" Google said it's filing the lawsuit to dismantle the network's infrastructure, and that it's partnering with AT&T, T-Mobile, and Verizon to block such messages from reaching customers. Outsider's operations, according to the company, are coordinated through Telegram, with the network distributing phishing kits that make it possible for threat actors to push fake text messages that claim to be from trusted brands. These schemes are estimated to have victimized more than 100,000 people, leading to millions of dollars in losses. In addition, 9,000 fake websites and more than 1.59 million fraudulent URLs tied to the phishing service have been identified between November 14, 2025, and April 14, 2026. In a two-week period from May 18 to June 1, 2026, Outside was responsible for 55,000 spam texts flagged by Android users. During the same timeframe, 2.5 million messages were sent by the network to Android users containing links to Outsider-generated websites. For as little as $88 a week, the kit allows criminals to create fraudulent websites, launch phishing campaigns, and steal victims' credit card numbers, bank account credentials, and personal data. A license can be purchased via a \"self-service ordering bot\" on Telegram (@OutsiderCodeBot). The service also offers more than 290 pre-built templates that impersonate legitimate websites of trusted institutions, real-time keystroke logging, and a performance dashboard to track the effectiveness of a campaign. \"As if Outsider's plug-and-play simplicity were not alarming enough, the Enterprise has made the tool even more powerful by providing step-by-step instructions on how Outsider can weaponize AI-generated code,\" Google said in its complaint filed in Manhattan federal court. \"Following those instructions, Enterprise members can use AI tools to generate programming code for a shell website, and copy and paste that code into Outsider to transform that shell into a fraudulent site that can be used to steal personal or financial information from their victims.\" Google said the prompts for Gemini and other AI platforms are framed as harmless requests for programming assistance, asking the model to generate HTML code to design a \"gift redemption page\" with the desired functionality and features, and instructing it to avoid using JavaScript and employ inline CSS to implement it. Once the counterfeit website is online, its URL is sent to potential victims via text messages. The Outsider Enterprise is said to include a number of interconnected groups that play different roles, but collaborate to execute phishing attacks using the phishing kit. This includes - The Developer Group, which supplies the phishing software and templates The Data Broker Group, which provides curated lists of people to target The Spammer Group, which provides the tools to send fraudulent text messages in bulk The Theft Group, which helps monetize stolen information (e.g., credit cards and credentials) and launder funds from stolen credit cards The Telegram Group, which facilitates collaboration among members and recruits new members The advantage with such services, as in the case of recently disrupted Sniper Dz, is that they dramatically lower the barrier to entry for novice fraudsters lacking programming knowledge, who can leverage them to mount convincing phishing attacks with minimal effort and at scale. \"The criminals behind the Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims,\" said Brett Leatherman, assistant director of the U.S. Federal Bureau of Investigation's (FBI) Cyber Division. \"Criminals increasingly use AI to make fraud like this more convincing and harder to detect.\" The development comes exactly seven months after Google filed another lawsuit in the U.S. against China-based hackers behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that ensnared over 1 million users across 120 countries. Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share Share SHARE  Android, artificial intelligence, Cybercrime, cybersecurity, data theft, Gemini, Google, Phishing, Smishing, Telegram ⚡ Top Stories This Week Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public ⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes New HTTP\u002F2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy and Cloudflare ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors + 20 New Stories ⭐ Featured Resources Get the 2026 Guide to Govern and Secure Enterprise AI Agents at Scale Catch 88% of Malware Threats in Under 60 Seconds with Live Sandbox Analysis [Guide] Transform Network Operations with Intelligent Workflows See How Agentic AI Cuts Your SOC Triage Time in Half [Get a Demo]","https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fgoogle-sues-chinese-smishing-network.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEg2VG_lHXgOeahfKoUs6hQ7fOmh-dK1ZGloqzAWilTU73LKJF5mBDqw4OSpU8ViE0NEI1iW4cNS5vyz4TpqoJ_aGjHYt4-qJXfmZP2a3mi8GILe4OeP7qSFKeqDWrbHyoMmf49EtaDTylhnpLvem5LCwqX2e8MRSR5rQC5cNv9qH-H_ySeUT5uYHWRLGa5P\u002Fs1600\u002Fgemini-phishing.jpg","2026-06-12T18:59:32+00:00","2026-06-12T20:00:15.794215+00:00",8,[18,21,24,27],{"name":19,"type":20},"Google","vendor",{"name":22,"type":23},"Gemini","product",{"name":25,"type":26},"Phishing-as-a-service","technology",{"name":28,"type":23},"Android","e7b231c8-5f79-4465-8d38-1ef13aea5a14",{"id":29,"icon":31,"name":32,"slug":33},null,"Threat Intelligence","threat-intelligence",[35,40,45,50],{"category":36},{"id":37,"icon":31,"name":38,"slug":39},"2e06f76c-d5b9-4f54-9eef-4d3447b10730","Breaches","breaches",{"category":41},{"id":42,"icon":31,"name":43,"slug":44},"839da5c1-3c34-47e2-9499-f7201640e3ac","AI Security","ai-security",{"category":46},{"id":47,"icon":31,"name":48,"slug":49},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":51},{"id":29,"icon":31,"name":32,"slug":33},[53],{"type":54,"value":55,"context":56},"domain","outsider.com","Phishing-as-a-service (PhaaS) software kit name"]