PromptLock Ransomware: First AI-Powered Malware Threat Discovered by ESET Researchers

CyberSecureFox 🦊

Cybersecurity researchers at ESET have uncovered PromptLock, a groundbreaking ransomware variant that represents the first documented case of malware leveraging artificial intelligence to generate malicious code. While the discovered sample appears to be in developmental stages, its emergence signals a significant evolution in the cyber threat landscape, where AI technologies are being weaponized by cybercriminals.

Technical Architecture and AI Integration

PromptLock operates using OpenAI’s gpt-oss-20b model, one of two recently released open-weight AI models available to the public. The ransomware’s most distinctive feature is its ability to run the AI model locally on infected systems through the Ollama API, eliminating dependencies on external command-and-control servers and ensuring autonomous operation even in isolated network environments.

The malware employs a sophisticated mechanism that dynamically generates Lua scripts using hardcoded prompts. These AI-generated scripts perform critical attack functions including filesystem enumeration, target file identification, sensitive data extraction, and subsequent encryption operations. This approach allows the ransomware to adapt its behavior based on the specific environment it encounters.

Cross-Platform Capabilities and Encryption Methods

The choice of Lua scripting provides PromptLock with universal compatibility across Windows, Linux, and macOS platforms. Built using the Go programming language, the ransomware demonstrates enhanced portability and can execute effectively across diverse operating system architectures.

For file encryption, the malware implements the 128-bit SPECK algorithm, a lightweight cryptographic standard developed by the U.S. National Security Agency. This selection indicates the developers’ focus on achieving efficient encryption with minimal computational overhead, potentially allowing faster file processing during attacks.

Intelligent File Selection and Context Analysis

Unlike traditional ransomware that indiscriminately encrypts available files, PromptLock demonstrates contextual file analysis capabilities. The AI component enables the malware to make informed decisions about which files to locate, copy, encrypt, or delete based on file types and content analysis. This intelligent targeting could maximize damage while minimizing the risk of detection.

ESET researchers note that the file deletion functionality remains unimplemented in the current version, reinforcing the assessment that this represents a proof-of-concept or developmental build rather than a fully operational threat.

Detection and Current Threat Status

Samples of PromptLock were identified on VirusTotal for both Windows and Linux systems. Despite the absence of confirmed active deployment in real-world attacks, cybersecurity experts emphasize the importance of raising awareness about such developments within the security community.

The emergence of PromptLock highlights the potential for artificial intelligence to serve as a force multiplier in cybercriminal operations. The ability to generate adaptive malicious code in real time could significantly complicate detection and mitigation efforts for conventional antivirus solutions, potentially requiring new defensive approaches specifically designed to counter AI-enhanced threats.

Organizations should strengthen network monitoring capabilities, maintain current security system updates, and implement comprehensive backup strategies for critical data assets. As AI technology continues advancing, cybersecurity defenses must evolve proportionally to address this new generation of intelligent cyber threats. The discovery of PromptLock serves as an early warning that the intersection of artificial intelligence and cybercrime is no longer theoretical but an emerging reality requiring immediate attention from security professionals.
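One concrete monitoring check that follows from the mechanism described above (a locally hosted model driven through the Ollama API) is to flag generation requests to a local LLM service that come from processes not approved as AI tooling. The following is an added illustration, not code from ESET or from the PromptLock sample; it assumes Ollama's default listener on port 11434 and its /api/generate and /api/chat endpoints, neither of which the article mentions, and the telemetry records, process names and allowlist are constructed for the example.

```python
"""Flag local LLM (Ollama) generation calls from unapproved processes.
Constructed endpoint telemetry; not PromptLock's or ESET's code."""
import json
from dataclasses import dataclass

OLLAMA_PORT = 11434                          # Ollama default port (assumption, not from the article)
GEN_PATHS = {"/api/generate", "/api/chat"}   # Ollama generation endpoints (assumption)
APPROVED = {"ollama", "code", "open-webui"}  # hypothetical allowlist of sanctioned AI clients
WATCHED_MODELS = {"gpt-oss-20b", "gpt-oss:20b"}  # model named in the report; tag form assumed

# Constructed sample telemetry: one JSON record per outbound HTTP request.
SAMPLE_LOG = """
{"host":"ws-01","proc":"code","dst":"127.0.0.1:11434","path":"/api/generate","model":"llama3"}
{"host":"ws-02","proc":"svchost_update","dst":"127.0.0.1:11434","path":"/api/generate","model":"gpt-oss:20b"}
{"host":"ws-02","proc":"svchost_update","dst":"127.0.0.1:11434","path":"/api/generate","model":"gpt-oss:20b"}
{"host":"srv-03","proc":"backup-agent","dst":"10.0.0.5:11434","path":"/api/generate","model":"gpt-oss:20b"}
{"host":"ws-04","proc":"curl","dst":"127.0.0.1:11434","path":"/api/tags","model":""}
"""

@dataclass(frozen=True)
class Alert:
    host: str
    proc: str
    reason: str

def parse_records(text):
    """Parse newline-delimited JSON telemetry into dicts, skipping blank lines."""
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]

def analyze(records, approved=APPROVED):
    """Return de-duplicated alerts for generation calls from unapproved processes.
    Model listing (/api/tags) is not flagged; only generation traffic is."""
    alerts, seen = [], set()
    for r in records:
        port = int(r["dst"].rsplit(":", 1)[1])
        if port != OLLAMA_PORT or r["path"] not in GEN_PATHS:
            continue
        if r["proc"] in approved:
            continue
        reason = "unapproved process calling local LLM API"
        if r["model"] in WATCHED_MODELS:
            reason += f" for watched model {r['model']}"
        if not r["dst"].startswith("127.0.0.1"):
            reason += " on a remote Ollama host"
        alert = Alert(r["host"], r["proc"], reason)
        if alert not in seen:
            seen.add(alert)
            alerts.append(alert)
    return alerts

if __name__ == "__main__":
    for alert in analyze(parse_records(SAMPLE_LOG)):
        print(alert)
```

On the constructed sample this yields two alerts (ws-02 and srv-03); the approved editor process and the model-listing call on ws-04 are left alone.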
