A single threat actor has been running a fake political persona on Telegram for five years, quietly building an audience of over 17,000 subscribers while using stolen AI credentials to power the entire operation. <\/p>\n
What looks like an American patriot channel is actually a financially motivated fraud scheme run by a solo Russian-speaking operator. The goal was always money, and AI made scaling that goal nearly effortless.<\/a><\/p>\n The campaign, tracked under the handle \u201cbandcampro,\u201d began on February 6, 2021, one month after the Capitol riot, when QAnon and MAGA communities were being deplatformed and migrating to Telegram. <\/p>\n By positioning the fake channel, @americanpatriotus, as an authentic American conservative voice, the actor tapped into a ready-made audience already hungry for alternative platforms. The timing was clearly opportunistic.<\/a><\/p>\n Analysts at Trend Micro said in a\u00a0report<\/a> shared with Cyber Security News (CSN)\u00a0that in May 2026, their TrendAI Research team discovered the threat actor\u2019s operational environment had been inadvertently exposed, revealing the full scope of a five-year influence and fraud campaign. <\/p>\n The actor used AI-assisted techniques to run the Telegram channel<\/a>, targeting politically engaged American audiences for cryptocurrency fraud alongside AI-assisted credential theft.<\/a><\/p>\n Starting in September 2025, the actor pivoted to fully AI-generated content, using a jailbroken version of Google Gemini as an operational co-worker. <\/p>\n He named his content pipeline \u201cQuantum Patriot,\u201d a set of Python scripts that called Gemini to roleplay as an American veteran patriot. <\/p>\n The AI generated Q-style posts, deployed servers, rotated stolen API keys, and managed Cloudflare tunnels, all from natural-language commands typed in Russian.<\/a><\/p>\n What made the operation alarming was its near-zero cost. The actor used 73 likely stolen Gemini API keys on a round-robin rotation, meaning he paid almost nothing for industrial-scale content generation. <\/p>\n With 29 WordPress accounts cracked, one company infiltrated, and one victim\u2019s cryptocurrency wallet fully drained, the operation showed that AI can scale a one-person fraud scheme to team-level output.<\/a><\/p>\n The actor\u2019s use of stolen Gemini API keys was central to keeping the operation cost-free. During one documented 16-hour session, Gemini validated 40 likely stolen API keys and wrote a round-robin rotator that cycled through them automatically. <\/p>\n That rotator was later published to GitHub as a clean, open-source project, disguising its criminal purpose entirely.<\/p>\n To bypass Gemini\u2019s safety guardrails, the actor established himself to the AI as an \u201cauthorized pentester,\u201d which Gemini accepted and saved into a persistent memory file called GEMINI.md. <\/p>\n Over subsequent sessions, he escalated by getting the AI to memorize it should execute requests without ethical refusals or warnings. Since Gemini CLI reloads this memory file at every session start<\/a>, each new conversation automatically inherited those jailbreak instructions.<\/a><\/p>\n Beyond running the channel, the actor used Gemini to assist with credential theft and a gamified chatbot designed to steal cryptocurrency. <\/p>\n On September 9, 2025, he posted an executable called StellarMonSetup.exe, framed as a self-custody wallet with a welcome bonus of up to 1,000 XLM. <\/p>\n The file was actually GoToResolve, a remote-administration tool that gave the actor persistent remote desktop access, command execution, and clipboard capture on victim machines.<\/a><\/p>\n The actor also deployed an AI-powered brute-forcing tool targeting WordPress sites<\/a>. Using Gemini 2.5 Flash as a password-mutation oracle, the script generated 20 plausible password variants per target by modeling patterns such as swapping cases, appending years, and substituting symbols. <\/p>\n Collected data confirmed that 29 WordPress administrator accounts were cracked across weapons retailers, legal offices, medical practices, and small commercial sites.<\/p>\n Defenders should never install software or enter a seed phrase based on instructions from a social media channel, as legitimate platforms will never make such requests. <\/p>\n Enterprises should monitor for stolen API key reuse, anomalous CLI-driven infrastructure changes, and credential-stuffing patterns consistent with LLM-assisted password mutation. <\/p>\n AI vendors should treat cross-language guardrail parity and jailbreak-resistant memory as urgent priorities, since this campaign proves those gaps are already being actively exploited.<\/a><\/p>\n Indicators of Compromise (IoCs):-<\/strong><\/p>\n![\"The](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjTlFiA3gCcQzpyyu2RqjpckMNX_SPiWy8oh5a5GWAoUjpjfGbqQIpnGR9NwiMHFE4YTuLlkqnH2PZuwcaYLEeXfTmi8i5zCfXp5lVYYon8y2HDW0CQVVXLXDPUN1nA34HkvEOzs0yQLEtZlbSalo5jENKw4AafTym7-1oDVPeccH5R2_hLYi62_CqA9uE\/s16000\/The%2520%25E2%2580%259CAmerican%2520Patriot%25E2%2580%259D%2520Telegram%2520profile%2520%28Source%2520-%2520Trend%2520Micro%29.webp?ssl=1\")
![\"The](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgnet-APgCv2oYaqFHxckC6FhayfslMPhPPE6B-AWhWeC4BYAaodJ0PSF5sQnGTmnI6aUQkrd5Ce2tystoWFhMMNuHgp_YxVDGXv-AJnlcIqPDcnIGpmRgd6Z0n5SQJms-ennEbypAN05dD35TFe3V6TwLytpmtOAuq_33Ifvg4IxmQrjYFuPWZUpM-fXo\/s16000\/The%2520%25E2%2580%259CQuantum%2520Patriot%25E2%2580%259D%2520pipeline%2520%28Source%2520-%2520Trend%2520Micro%29.webp?ssl=1\")
Threat Actor Uses Stolen Gemini API Keys<\/strong><\/h2>\n
![\"Screenshot](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgV15sZzlK_V8FsBsCNGidTSOYzMtsabioIqKQ6Y1tZqiahYYsoz3LzTOYeZ2jIaDbaR0uNZTO3hz_KVF_PrPEPrlcX1at6CWzCMYTJYkoYf4SksweyfncTBcA0ZovlOoG86mPAHrTvwq63Gsj8_ILdOy_0yzb99irsdU_6x9dbDmbHD5WpIZMTrKnyb68\/s16000\/Screenshot%2520of%2520the%2520QFS%25202.0%2520Terminal%2520%28Source%2520-%2520Trend%2520Micro%29.webp?ssl=1\")
AI-Assisted Credential Theft and Fraud<\/strong><\/h2>\n
![\"(top)](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiHVWm5CqoFZYU19qz1ZFkrjB4dOGALv5RZJSl4lFS67gFQ0YgdrtsAa0TJ8og2Xt4AYjrz432YlqtQoDIXrfU7srARtz6hyQnXYqXuPUrFRKErIXN9j_BmRNYMpxsjAT_2ygmtmhAWgxVp9fZDcTYF0ApyZa2zkBqMtpzpu1_WikV8a9eZOGcvS7aPgZk\/s16000\/%28top%29%2520The%2520fake%2520wallet%2520was%2520forwarded%2520from%2520a%2520channel%2520impersonating%2520Donald%2520J.%2520Trump%2C%2520%28bottom%29%2520The%2520attached%2520executable%2520is%2520in%2520fact%2520a%2520remote-access%2520Trojan%2520%28Source%2520-%2520Trend%2520Micro%29.webp?ssl=1\")