Jailbroken Gemini LLM Powers Russian-Led Crypto Fraud Campaign Targeting MAGA Communities
A Russian-speaking threat actor used a jailbroken Google Gemini LLM to orchestrate a year-long crypto fraud campaign targeting MAGA and QAnon communities, emptying at least one victim's wallets.

A solo Russian-speaking threat actor operating under the handle 'bandcampro' used a jailbroken Google Gemini large language model to run a sophisticated crypto fraud and credential theft campaign from September 2025 to May 2026, according to a report from TrendAI. The campaign specifically targeted hardcore Trump supporters and QAnon conspiracy theorists, using AI-generated content to build trust and lure victims into installing a fake cryptocurrency wallet whose installer actually deployed a remote access tool.
The attacker maintained a Telegram channel, @americanpatriot, which amassed approximately 17,000 subscribers. To power the operation, bandcampro used 73 Gemini API keys, likely stolen, and 29 cracked WordPress admin credentials to compromise websites. The campaign's centerpiece was a fake 'StellarMonster' wallet, advertised as a 'freedom-first, self-custody wallet' with a welcome bonus of up to 1,000 XLM (about $380). The installer, StellarMonSetup.exe, was in fact GoToResolve, a legitimate remote access tool; once installed it gave the attacker persistent remote desktop access, file access, command execution and clipboard capture.
Victims who used the 'import your wallet' function and typed their seed phrase into the fake import screen handed their wallet keys directly to the attacker. TrendAI researchers confirmed that at least one victim's cryptocurrency wallets were fully compromised across all major chains: passwords cracked, 12-word mnemonics stolen and more than 40 wallet addresses harvested. The attacker also used an AI-assisted brute-forcing tool to break into WordPress accounts, feeding it the predictable password mutations that Gemini 2.5 Flash generated for each target.
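The WordPress side of the operation is the part a site owner can actually watch for in their own logs. The following Python is an added example, not from the report and not the attacker's or Trend's tooling: it reads combined-format web-server access logs, counts login POSTs to wp-login.php and xmlrpc.php per source address inside a sliding window, and separately flags the event that matters most, a successful login (wp-login.php answers a correct password with a 302 redirect rather than re-serving the form with a 200) arriving right after such a burst. The log lines, addresses, timestamps and threshold are constructed for the example.

```python
"""Detect WordPress login brute-forcing in combined-format access logs.

Added example; the log lines below are constructed, not taken from the report.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
LOGIN_PATHS = {"/wp-login.php", "/xmlrpc.php"}


def parse_line(line):
    """Return a dict for one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], TS_FMT),
        "method": m["method"],
        "path": m["path"].split("?", 1)[0],  # drop ?redirect_to=... and friends
        "status": int(m["status"]),
    }


def find_bruteforcers(lines, threshold=5, window=timedelta(minutes=5)):
    """Return {ip: {"failed_posts": n, "success_after_failures": bool}} for every
    source that sent at least `threshold` login POSTs inside any `window`."""
    recent = defaultdict(deque)  # ip -> timestamps of login POSTs still inside the window
    flagged = {}
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["method"] != "POST" or ev["path"] not in LOGIN_PATHS:
            continue
        q = recent[ev["ip"]]
        while q and ev["ts"] - q[0] > window:
            q.popleft()
        # wp-login.php redirects (302) on a correct password and re-serves the form
        # (200) on a wrong one; xmlrpc.php returns 200 either way, so only request
        # volume can be judged for that endpoint.
        if ev["path"] == "/wp-login.php" and ev["status"] == 302:
            if len(q) >= threshold:
                rec = flagged.setdefault(
                    ev["ip"], {"failed_posts": len(q), "success_after_failures": False})
                rec["success_after_failures"] = True
            continue
        q.append(ev["ts"])
        if len(q) >= threshold:
            rec = flagged.setdefault(
                ev["ip"], {"failed_posts": 0, "success_after_failures": False})
            rec["failed_posts"] = max(rec["failed_posts"], len(q))
    return flagged


# Constructed sample: one source fails five times in 13 seconds, then gets a 302;
# a second source logs in normally; a third sends a single xmlrpc.php request.
SAMPLE_LOG = """\
203.0.113.7 - - [03/May/2026:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3412
203.0.113.7 - - [03/May/2026:10:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3412
203.0.113.7 - - [03/May/2026:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3412
203.0.113.7 - - [03/May/2026:10:00:08 +0000] "POST /wp-login.php HTTP/1.1" 200 3412
203.0.113.7 - - [03/May/2026:10:00:11 +0000] "POST /wp-login.php HTTP/1.1" 200 3412
203.0.113.7 - - [03/May/2026:10:00:14 +0000] "POST /wp-login.php HTTP/1.1" 302 0
198.51.100.2 - - [03/May/2026:10:01:00 +0000] "GET /wp-login.php HTTP/1.1" 200 3412
198.51.100.2 - - [03/May/2026:10:01:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0
198.51.100.9 - - [03/May/2026:10:02:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412
"""

if __name__ == "__main__":
    for ip, rec in find_bruteforcers(SAMPLE_LOG.splitlines()).items():
        print(ip, rec)
```

Two caveats for anyone adapting this: xmlrpc.php's `system.multicall` lets one request carry many username/password pairs, so a low request count on that endpoint is not reassurance, and a wordlist built from likely mutations of a known password can succeed in far fewer attempts than a generic dictionary attack, which is an argument for a low threshold and for treating any 302 after failures as an incident rather than a statistic.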
Bandcampro automated much of the operation through a pipeline named 'Quantum Patriot,' a set of Python scripts that called Gemini to role-play as an American veteran patriot. The pipeline fed newsfeeds into the LLM, which rewrote them to read as patriotic content. The actor also used Gemini to help set up a command-and-control framework, including a mail-testing tool, a Gmail aggregator and an anonymous proxy on a VM in the Netherlands. In one 16-hour session, the actor worked with Gemini end to end, with the LLM helping to deploy servers, debug code, automate workflows and manage Cloudflare tunnels.
TrendAI researchers discovered the scammer's infrastructure in May 2026, exposing the full operational environment. The actor used Google Gemini to generate Telegram channel text and Venice.ai to power an interactive chatbot simulating a Quantum Financial System (QFS) terminal. Neither Google nor Venice responded to requests for comment. The campaign mimicked the cryptic 'Q drop' messages central to QAnon, but researchers believe the primary motive was cryptocurrency fraud rather than political influence.
'We have reached an inflection point for cybercrime conspiracies,' said Tom Kellermann, TrendAI's VP of AI security and threat research. 'Bandcampro's conspiracy underscores the sophistication of the Russian cybercriminal community and how weaponized jailbroken LLMs are manipulated to orchestrate a systemic cybercrime campaign.' Kellermann added that the attack 'highlights LLMs' Achilles heel, which is the tremendous exposure to API attacks.'
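On the defensive side, Kellermann's point about API exposure comes down largely to where your own keys end up. The scanner below is an added example, not from the report and not Trend's or Google's tooling: it searches source and configuration text for the well-known Google API key format (the literal prefix AIza followed by 35 characters from [0-9A-Za-z_-], the same pattern secret scanners such as gitleaks match on), which Gemini API keys share, and reports each hit with the key redacted so the finding itself does not become a second leak. The sample files and keys are constructed for the example.

```python
"""Scan source and config text for leaked Google/Gemini API keys.

Added example; SAMPLE_FILES and the keys in them are constructed, not real.
"""
import re

# Google API keys (Gemini keys included) are "AIza" plus 35 characters from
# [0-9A-Za-z_-]. The lookarounds reject longer tokens that merely contain a
# key-shaped substring.
GOOGLE_API_KEY_RE = re.compile(
    r"(?<![0-9A-Za-z_\-])AIza[0-9A-Za-z_\-]{35}(?![0-9A-Za-z_\-])")


def redact(key):
    """Enough of the key to locate it in the cloud console, never the whole secret."""
    return key[:8] + "..." + key[-4:]


def scan_text(name, text):
    """Return one finding per key-shaped token in `text`, with file name and line number."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for m in GOOGLE_API_KEY_RE.finditer(line):
            findings.append({"file": name, "line": lineno, "key": redact(m.group())})
    return findings


def scan_files(files):
    """files: {path: content}. Findings are sorted by path, then line number."""
    out = []
    for name, text in files.items():
        out.extend(scan_text(name, text))
    return sorted(out, key=lambda f: (f["file"], f["line"]))


# Constructed sample repository: two committed keys, one clean README, one
# token that starts with AIza but is not key-shaped.
SAMPLE_FILES = {
    "bot/config.py": 'GEMINI_API_KEY = "AIzaSyA1234567890abcdefghijklmnopqrstuv"  # constructed\n',
    ".env": "GEMINI_KEY=AIzaSyB_abcdefghijklmnopqrstuvwxyz01234\nDB_PASS=hunter2\n",
    "README.md": "Set GEMINI_API_KEY in your environment; never commit it.\n",
    "notes.txt": "the placeholder AIzaNOTAKEY is too short to be a key\n",
}

if __name__ == "__main__":
    for f in scan_files(SAMPLE_FILES):
        print(f"{f['file']}:{f['line']}: {f['key']}")
```

A hit means the key should be rotated, not just removed from the file, since anything that reached a shared repository or a build log has to be assumed copied; the stolen keys in this campaign are what let one person run 73 accounts' worth of model calls.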
The report serves as a stark warning about the weaponization of jailbroken LLMs for credential theft, social engineering and AI-assisted brute-forcing. 'What previously required a team of writers, social media managers, IT workers, and malware programmers can now be automated by a single actor using a VPS, a Telegram bot, and API access to frontier models,' Trend's team warned. The campaign shows how a low-skilled attacker can use AI to scale operations that were once the domain of sophisticated cybercriminal groups.