Security researchers at ESET have discovered the first known AI-powered ransomware, dubbed “PromptLock,” which uses generative AI to create malicious code on demand. While still a proof-of-concept, this development represents a significant escalation in cyber threats, as AI technology makes sophisticated attacks more accessible to criminals with limited technical expertise.
What you should know: PromptLock leverages OpenAI’s gpt-oss:20b model to generate malicious Lua scripts in real time, demonstrating how cybercriminals are weaponizing AI tools.
- The malware runs locally through the Ollama API (a tool that lets computers run AI models without internet access) and uses hard-coded prompts to scan the local file system, inspect target files, steal selected data, and encrypt files, according to ESET researchers Peter Strycek and Anton Cherepanov.
- Lua scripts are cross-platform compatible, meaning the ransomware can function across macOS, Linux, and Windows systems.
- The malware can scan user files to determine which data would be most valuable before stealing, encrypting, or potentially destroying it.
Why this matters: AI-powered ransomware represents a fundamental shift in the threat landscape, making sophisticated cyberattacks accessible to less skilled criminals while creating new challenges for defenders.
- Generative AI significantly lowers the barrier to entry for wannabe hackers who previously lacked the technical skills to create complex malware.
- Large language models produce different outputs even when given identical prompts, making AI-generated attacks unpredictable and particularly difficult for security systems to detect.
- The erratic behavior patterns generated by AI make traditional detection methods less effective, as there’s no consistent signature to identify.
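Because the generated Lua differs from run to run, one thing that stays constant in the design described above is the call to the Ollama API itself. The following is an added example, not code from ESET or from the article: a defender-side check that flags processes outside an allowlist sending generation requests to Ollama's default port (11434). The event schema, host names, process names and allowlist are constructed assumptions.

```python
import json

OLLAMA_PORT = 11434                                # Ollama's default listening port
GENERATION_PATHS = {"/api/generate", "/api/chat"}  # Ollama text-generation endpoints
# Assumption: the only binaries this site expects to query a model server.
ALLOWED_CLIENTS = {"ollama", "open-webui"}

# Constructed sample telemetry (hypothetical schema: one JSON event per line).
SAMPLE_EVENTS = """\
{"host":"ws-014","process":"ollama","dest_port":11434,"path":"/api/generate","model":"llama3.1:8b"}
{"host":"ws-014","process":"chrome","dest_port":443,"path":"/","model":null}
{"host":"ws-022","process":"updater_tmp","dest_port":11434,"path":"/api/generate","model":"gpt-oss:20b"}
{"host":"ws-022","process":"updater_tmp","dest_port":11434,"path":"/api/generate","model":"gpt-oss:20b"}
{"host":"ws-022","process":"updater_tmp","dest_port":11434,"path":"/api/tags","model":null}
not-json garbage line
"""

def find_unexpected_llm_clients(raw, allowed=ALLOWED_CLIENTS):
    """Return one finding per (host, process, model) that made generation
    requests to the Ollama port from a process not on the allowlist."""
    counts = {}
    for line in raw.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue                       # skip malformed telemetry lines
        if not isinstance(ev, dict):
            continue
        if ev.get("dest_port") != OLLAMA_PORT:
            continue
        if ev.get("path") not in GENERATION_PATHS:
            continue                       # ignore non-generation calls such as /api/tags
        process = str(ev.get("process", "")).lower()
        if process in allowed:
            continue
        key = (ev.get("host"), process, ev.get("model"))
        counts[key] = counts.get(key, 0) + 1
    return [
        {"host": h, "process": p, "model": m, "requests": n}
        for (h, p, m), n in sorted(counts.items(), key=str)
    ]

if __name__ == "__main__":
    for finding in find_unexpected_llm_clients(SAMPLE_EVENTS):
        print(finding)
```

Process names are easy to spoof, so real telemetry should key the allowlist on signed binary path or hash rather than on the name alone.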
Current status: Although PromptLock has not yet been observed targeting victims in active attacks, security experts warn that operational deployment is inevitable.
- “Although multiple indicators suggest the sample is a proof-of-concept or work-in-progress rather than fully operational malware deployed in the wild, we believe it is our responsibility to inform the cybersecurity community about such developments,” the researchers wrote.
- Security teams have been warning for months that AI-powered ransomware attacks were approaching, making this discovery a confirmation of long-anticipated threats.
The big picture: This development marks the beginning of a new era in cybersecurity where artificial intelligence becomes both a defensive tool and an offensive weapon, fundamentally changing how organizations must approach threat detection and prevention.
The first AI-powered ransomware has been spotted - and here's why we should all be worried