The first AI-powered ransomware has been spotted - and here's why we should all be worried

News
By published

‘PromptLock’ could be a serious problem

Hacker with malware code in computer screen. Cybersecurity, privacy or cyber attack. Programmer or fraud criminal writing virus software. Online firewall and privacy crime. Web data engineer
(Image credit: Shutterstock)
  • Researchers discover new PromptLock ransomware
  • PromptLock is AI powered - presenting new concerns for security teams
  • AI is already shaking up the cyber landscape

Security researchers from ESET have identified the first known AI-powered ransomware, which serves as a warning for security teams as generative AI has, and will, continue to make cyberattacks much more accessible for criminals.

Researchers Peter Strycek and Anton Cherepanov discovered the proof of concept, which they dubbed ‘PromptLock’, which, ‘leverages Lua scripts generated from hard-coded prompts to enumerate the local filesystem, inspect target files, exfiltrate selected data, and perform encryption.’

"Although multiple indicators suggest the sample is a proof-of-concept (PoC) or work-in-progress rather than fully operational malware deployed in the wild, we believe it is our responsibility to inform the cybersecurity community about such developments," the researchers wrote.

Use in the wild

The PromptLock malware uses OpenAI’s gpt-oss:20b model - an open weight model released in August 2025, and this is run locally through the Ollama API to generate malicious Lua scripts ‘on the fly’.

Lua scripts are cross-platform compatible, the researchers point out, meaning they function on macOS, Linux, and Windows. The malware can then exfiltrate, encrypt, and potentially destroy any data it chooses after scanning user files, presumably to determine which would be most valuable.

Security teams have been warning for months that the AI-powered future of ransomware is coming soon, and although PromptLock has not yet been observed targeting victims in the wild, it’s clear it's only a matter of time before this happens.

Not only does GenAI make life a lot easier for wannabe hackers by lowering the barrier of entry, but LLM’s also spit out different results even when given the same prompt. This makes them unpredictable and particularly difficult for defenders to detect, as the pattern of behavior is more erratic and hard to spot.

Via:The Register

You might also like

TOPICS
Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.