The Rise of PromptLock: A New Era of AI-Powered Ransomware
- Dean Charlton
- Aug 27, 2025
- 2 min read
Cybersecurity researchers at ESET have made a significant and concerning discovery: the first known "AI-powered" ransomware strain, dubbed "PromptLock". This new threat represents a dangerous evolution in malware, moving beyond traditional methods by leveraging artificial intelligence to enhance its destructive capabilities. This ransomware strain is particularly notable for its use of OpenAI's open-source gpt-oss-20b model, which it runs locally via the Ollama API to dynamically generate malicious Lua scripts.
PromptLock, which is written in Go (Golang), uses these AI-generated scripts to perform a range of malicious actions. According to researchers Anton Cherepanov and Peter Strycek, the malware can enumerate local file systems, inspect target files, exfiltrate sensitive data, and encrypt files. Because the generated payloads are Lua scripts, PromptLock is remarkably versatile and cross-platform, allowing it to function on Windows, Linux, and macOS systems. The malware also employs the NSA-developed SPECK 128-bit encryption algorithm to lock files.
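As an added example that is not part of this article or of ESET's research, the following Python sketch shows how a defender might flag the behaviour described above in endpoint telemetry: a process that is not an expected AI client calling a local Ollama API and asking gpt-oss-20b for file-handling Lua code. It assumes Ollama's default port 11434 and its /api/generate and /api/chat endpoints, a constructed client allowlist, and constructed JSON-lines telemetry; none of these values come from the article.

```python
import json

# Assumptions (not from the article): Ollama listens on 11434 by default and
# serves generation at /api/generate and /api/chat; the allowlist is a
# constructed placeholder to be tuned per fleet.
OLLAMA_PORT = 11434
OLLAMA_PATHS = {"/api/generate", "/api/chat"}
ALLOWED_CLIENTS = {"ollama", "open-webui", "python3"}
SUSPECT_MODEL = "gpt-oss-20b"
ALERT_THRESHOLD = 2

def score_event(ev):
    """Score one telemetry event; returns (severity, reasons), 0 = not LLM traffic or benign."""
    if ev.get("dst_port") != OLLAMA_PORT or ev.get("path") not in OLLAMA_PATHS:
        return 0, []
    sev, reasons = 0, []
    image = ev.get("image", "").lower()
    if image not in ALLOWED_CLIENTS:                 # who is talking to the local model?
        sev += 1
        reasons.append(f"unexpected client {image!r} calling local LLM")
    model = ev.get("model", "").lower().replace(":", "-")  # 'gpt-oss:20b' -> 'gpt-oss-20b'
    if model == SUSPECT_MODEL:
        sev += 1
        reasons.append("model matches gpt-oss-20b")
    prompt = ev.get("prompt", "").lower()
    if "lua" in prompt and any(k in prompt for k in ("encrypt", "enumerate", "files")):
        sev += 2                                     # asking the model for file-handling Lua
        reasons.append("prompt requests file-handling Lua code")
    return sev, reasons

def analyze(jsonl_text):
    """Parse JSON-lines telemetry and return alerts at or above ALERT_THRESHOLD."""
    alerts = []
    for line in jsonl_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        sev, reasons = score_event(ev)
        if sev >= ALERT_THRESHOLD:
            alerts.append({"image": ev.get("image"), "severity": sev, "reasons": reasons})
    return alerts

# Constructed sample telemetry, not real captures.
SAMPLE = """
{"image": "open-webui", "dst_port": 11434, "path": "/api/chat", "model": "llama3", "prompt": "summarize this report"}
{"image": "updater.exe", "dst_port": 11434, "path": "/api/generate", "model": "gpt-oss:20b", "prompt": "Write a Lua script that enumerates files under the user home directory and encrypts each one."}
{"image": "python3", "dst_port": 11434, "path": "/api/generate", "model": "gpt-oss:20b", "prompt": "explain the speck cipher"}
{"image": "chrome", "dst_port": 443, "path": "/", "model": "", "prompt": ""}
"""

if __name__ == "__main__":
    for alert in analyze(SAMPLE):
        print(alert)
```

Only the unknown binary that both names the model and asks for file-handling Lua crosses the threshold; the allowlisted script that merely queries gpt-oss-20b is scored but not alerted.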

One of the more peculiar details of this discovery is the Bitcoin address used in the payment demand, which is associated with Satoshi Nakamoto, the anonymous creator of Bitcoin. This, along with other indicators, suggests that PromptLock may currently be a proof-of-concept or a work in progress rather than a fully operational threat. However, cybersecurity experts believe it is crucial to inform the community about these developments, as it signals a shift toward more sophisticated and autonomous attacks.
The emergence of PromptLock is a wake-up call for the cybersecurity community. While ransomware gangs have previously used AI to automate communications and social engineering, PromptLock introduces a new level of threat by using AI for core malicious functionality. This development supports earlier warnings from firms like Malwarebytes, which cautioned that businesses need to prepare for a new wave of AI-powered ransomware. The fear is that as attackers gain more access to local and private AI models, the efficiency and unpredictability of their attacks will grow exponentially. As John Scott-Railton of Citizen Lab commented on the ESET research, "We are in the earliest days of regular threat actors leveraging local/private AI... And we are unprepared." The battle against cybercrime is entering a new, AI-driven phase, and the security community must adapt quickly to stay ahead.