AI Powered Phishing Kit
Google has filed a lawsuit against a Chinese cybercrime network that allegedly used its Gemini AI assistant to generate fraudulent phishing websites. The operation, described as a phishing-as-a-service (PhaaS) platform called Outsider, sent deceptive text messages impersonating trusted brands. These messages prompted recipients to click links to fake sites designed to steal financial information and login credentials. Google stated that the network weaponized Gemini to help produce HTML code for convincing fake pages, often themed as gift redemption or account alert portals.
Scale and Coordination of the Attack
Between November 2025 and April 2026, investigators identified over 9,000 fake websites and more than 1.59 million malicious URLs linked to the service. The network used Telegram to coordinate its activities and offered Outsider licenses for as little as $88 per week. The kit included over 290 pre built templates, keystroke logging capabilities, and a performance dashboard. The FBI, which participated in a joint takedown called Operation Ghost Hook, estimated that the platform was responsible for approximately 3.87 million stolen credit cards and roughly $1.9 billion in losses since July 2023. Authorities seized domains, a Shopify storefront, and approximately $100,000 in cryptocurrency from the operation.
Source: https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html
