Artificial intelligence was supposed to make our lives easier by writing emails, answering questions, maybe even helping kids with homework. But in the wrong hands, it seems machines are learning a darker trade: CRIME.
Researchers have discovered what may be the first AI-powered ransomware, charmingly named PromptLock. Unlike traditional malware, which relies on carefully written code, this program essentially sweet-talks an AI into becoming its partner in crime.
Instead of smashing through firewalls, PromptLock whispers instructions to a large language model, asking it to scan files, hunt for sensitive data, and lock everything down with military-grade encryption. And the AI, none the wiser, obliges.
“This is the first time we’ve seen a ransomware blueprint that doesn’t just use code, it uses conversation,” said Anton Cherepanov, ESET’s lead researcher.
PromptLock leverages the gpt-oss:20b model locally on compromised machines to generate malicious code, guided by hard-coded text prompts.

Source: ESET
The malicious code instructs the model to generate scripts that perform classic ransomware functions: scanning and exfiltrating files, encrypting data across Windows, Mac, and Linux systems with SPECK 128-bit encryption, and producing customized ransom notes.

Source: ESET
Once deployed, the ransomware runs malicious Lua-based code designed to scan the compromised system, steal files, and encrypt data.
According to ESET, these Lua scripts are cross-platform, capable of operating on Windows, Linux, and macOS. Depending on the files it identifies, the malware may exfiltrate information, encrypt content, or even destroy data.
What makes PromptLock especially unnerving isn’t just that it is a new threat in the wild. It’s that the ransom notes, the scripts, even the tactics can change on the fly, because the AI can be instructed to rewrite them every single time. That means no two attacks look quite the same, a nightmare scenario for defenders.
So far, PromptLock seems more like a proof of concept than an active threat.
Though it is unfinished and some destructive capabilities remain non-functional, PromptLock highlights the new risks AI poses in enterprise environments. Because its scripts are dynamically generated, the Indicators of Compromise (IoCs) may vary with each run, complicating detection and response.
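Because the generated Lua changes per run while the prompts are hard-coded, a defender can triage files on the stable part instead of on hashes. The sketch below is an added example, not ESET's detection logic or code from the malware: it flags a file whose embedded strings contain the model tag named above together with ransomware-task wording. The intent terms, thresholds and sample bytes are assumptions constructed for illustration.

```python
import hashlib
import re

# "gpt-oss:20b" is the model tag named in the article. The intent terms are
# assumptions derived from the behaviours the article lists, not real IoCs.
MODEL_TAG = re.compile(rb"gpt-oss:20b")
INTENT_TERMS = {
    "encrypt": re.compile(rb"\bencrypt", re.I),
    "exfiltrate": re.compile(rb"\bexfiltrat", re.I),
    "ransom_note": re.compile(rb"\bransom\s+note", re.I),
    "lua_codegen": re.compile(rb"\b(generate|write)\b[^.\n]{0,80}\blua\b", re.I),
}
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{8,}")  # same idea as `strings -n 8`


def assess(blob: bytes, min_terms: int = 2) -> dict:
    """Flag a file that embeds the model tag plus ransomware-task prompt text."""
    strings = PRINTABLE_RUN.findall(blob)
    has_model = any(MODEL_TAG.search(s) for s in strings)
    hits = sorted(name for name, rx in INTENT_TERMS.items()
                  if any(rx.search(s) for s in strings))
    return {
        "sha256": hashlib.sha256(blob).hexdigest(),
        "model_tag": has_model,
        "intent_terms": hits,
        "suspicious": has_model and len(hits) >= min_terms,
    }


# Constructed sample data (not taken from any real binary).
PROMPT = b"CONSTRUCTED SAMPLE: generate a Lua script to encrypt files and write a ransom note"
BUILD_A = b"\x7fELF" + b"\x00" * 16 + b"model=gpt-oss:20b\x00" + PROMPT + b"\x00\x01\x02"
BUILD_B = b"\x7fELF" + b"\x90" * 32 + b"model=gpt-oss:20b\x00" + PROMPT + b"\x00\x07\x09"
BENIGN = b"\x7fELF" + b"\x00" * 16 + b"model=gpt-oss:20b\x00Summarize this email thread.\x00"

if __name__ == "__main__":
    for name, blob in [("build_a", BUILD_A), ("build_b", BUILD_B), ("benign", BENIGN)]:
        r = assess(blob)
        print(name, r["sha256"][:12], r["intent_terms"], r["suspicious"])
```

Both constructed builds hash differently yet get the same verdict, while the benign file that merely references the model is not flagged. String matching like this is a triage heuristic only: packed or obfuscated samples will not expose their prompts.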
Its very existence feels like a plot twist: a warning shot for enterprises that the next ransomware wave may not come from human coders alone, but from machines convinced to act against their owners.
If the 2010s were the age of phishing emails and stolen passwords, the 2020s may be remembered as the decade when hackers taught machines how to hustle.