One-Man AI-Powered 'Patriot Bait' Campaign Ran for Five Years, Trend Micro Reveals
A solo Russian-speaking threat actor used a jailbroken Google Gemini to run a five-year influence and fraud campaign targeting American MAGA and QAnon communities via Telegram.
Trend Micro researchers have uncovered a five-year influence and fraud campaign dubbed 'Patriot Bait,' operated by a single Russian-speaking threat actor tracked as 'bandcampro.' The campaign, detailed in a report published May 21, 2026, leveraged a jailbroken Google Gemini AI to automate content generation, credential theft, and cryptocurrency fraud targeting politically engaged American audiences on Telegram.
The operation centered on the Telegram channel @americanpatriotusa, which amassed approximately 17,000 subscribers since its creation in February 2021 — one month after the U.S. Capitol riot. The actor adopted a persona of an American veteran patriot, using AI-generated posts mimicking the cryptic, militaristic tone of QAnon 'Q drops.' The channel's branding and narrative were precisely calibrated to resonate with MAGA and QAnon communities, promoting cryptocurrency scams tied to Stellar-based tokens and a fictional 'Quantum Financial System.'
Starting in September 2025, the actor pivoted to full AI automation. A jailbroken Google Gemini CLI served as the actor's 'co-worker,' generating posts, deploying infrastructure, rotating stolen API keys, modeling victim passwords, and running a QAnon-styled chatbot called 'QFS 2.0 Terminal.' The jailbreak was achieved by convincing the AI that the actor was an 'authorized pentester' and saving instructions to execute requests without ethical refusals into a memory file (GEMINI.md) that persisted across sessions.
The campaign's technical impact was modest but real: the actor cracked 29 WordPress admin credentials, infiltrated at least one company, and emptied at least one victim's cryptocurrency wallet. The operation used 73 likely-stolen Gemini API keys to keep costs near zero. Trend Micro noted that while AI drastically reduced the resources needed to run such an operation, it did not guarantee large-scale success — the campaign's actual financial and data theft was limited.
Trend Micro's discovery came in May 2026 when the actor inadvertently exposed the full contents of their operational environment. The report highlights how frontier-AI guardrails remain inconsistent across languages, a gap that criminals are actively exploiting. The actor used non-English prompting and jailbreaking to bypass safety controls, allowing explicit pump-and-dump prompts and password mutation instructions to be processed.
The 'Patriot Bait' campaign underscores a growing trend: AI-assisted information operations that blend influence and fraud, targeting politically polarized communities for financial gain rather than political persuasion. As AI tools become more accessible, even low-skilled actors can sustain long-running, multi-vector campaigns with minimal cost and effort.