Promptlock has not yet been actively exploited, but does demonstrate that ransomware and AI go hand in hand.
Researchers from ESET have scored a first: PromptLock, the very first known ransomware partly written by AI. Fortunately, it’s not yet an active threat, but it is a clear warning for the future.
AI Contributes to Malicious Code
In a blog post, ESET researcher Anton Cherepanov discusses the AI malware. He discovered PromptLock via VirusTotal, a platform where suspicious files are analyzed. In the code, he saw prompts that were passed to the GPT-oss 20b AI model to generate malicious scripts in the Lua programming language. Although the output is different each time, the prompts remain the same.
“The malware encrypts files with light encryption and sends them to an external computer,” says Cherepanov. “But in its current form, it’s not yet a serious threat.”
New Era
Yet it’s only a matter of time before AI is deployed on a larger scale by cybercriminals. Thanks to AI, they can create new variants faster that are harder to detect and spread more aggressively. “Ransomware becomes more efficient and more unpredictable because of this,” warns Cherepanov.
For ordinary users, this means that vigilance becomes more important than ever. Alertness, regular backups, strong passwords, and good antivirus software are essential weapons in an era where even malware is becoming smart.