TLDR: NYU scientists have developed a prototype AI-powered ransomware, dubbed ‘PromptLock,’ which was detected by cybersecurity firm ESET. This groundbreaking malware leverages large language models to autonomously generate malicious scripts, capable of data exfiltration and encryption, marking a significant evolution in cyber threats, though it is currently a proof-of-concept and not active in the wild.
Cybersecurity firm ESET has announced the detection of ‘PromptLock,’ a novel ransomware strain that represents the first known instance of AI-powered malware. This sophisticated threat, later confirmed to be a research prototype developed by scientists at New York University (NYU), utilizes generative artificial intelligence to orchestrate and execute ransomware attacks.
PromptLock’s core innovation lies in its ability to leverage a locally hosted AI language model, specifically OpenAI’s gpt-oss:20b accessed via the Ollama API, to generate malicious Lua scripts in real time. This allows the malware to autonomously decide whether to exfiltrate, encrypt, or potentially destroy data based on predefined text prompts. ESET researchers Anton Cherepanov and Peter Strýček, who analyzed the malware, highlighted its cross-platform compatibility, targeting Windows, Linux, and macOS systems. The ransomware is written in Golang and employs the SPECK 128-bit encryption algorithm.
ESET initially identified samples of PromptLock on VirusTotal. Subsequently, the authors of an NYU academic study titled ‘Ransomware 3.0: Self-Composing and LLM-Orchestrated’ contacted the research team and confirmed that the detected samples closely resembled their research prototype. This collaboration clarified that PromptLock, while highly advanced, is currently a proof-of-concept rather than fully operational malware deployed in active attacks.
Despite its prototype status, the implications of PromptLock are profound. “Regardless of the intent behind PromptLock, its discovery points to how AI tools can be used to automate various stages of ransomware attacks, from reconnaissance to data exfiltration, at a speed and scale once thought impossible,” stated ESET researchers Cherepanov and Strýček. They further added, “The prospect of AI-powered malware that can, among other things, adapt to the environment and change its tactics on the fly may generally represent a new frontier in cyberattacks.”
This development underscores a significant shift in the cyber threat landscape, where AI can dramatically simplify the creation of sophisticated attacks, potentially eliminating the need for large teams of skilled developers. While PromptLock has not been observed in real-world attacks, its existence serves as a critical warning for cybersecurity defenders to adapt to the evolving capabilities of AI-enabled threats.
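A defender-side sketch of the behaviour described above, in which a process queries a local Ollama API and then writes Lua scripts. This is an added example, not code from ESET or the NYU study; the event schema, allowlist and time window are assumptions, and 11434 is Ollama's default API port.

```python
import json
from datetime import datetime, timedelta

OLLAMA_PORT = 11434                          # Ollama's default API port
ALLOWED_CLIENTS = {"ollama", "ollama.exe"}   # assumption: approved local LLM clients
WINDOW = timedelta(seconds=120)              # assumption: correlation window

# Constructed sample telemetry in a hypothetical schema, one JSON event per line,
# already sorted by time. "image" is assumed to be the process file name.
SAMPLE_EVENTS = """
{"ts":"2025-09-01T10:00:00","host":"ws1","pid":410,"image":"ollama","type":"net_connect","dport":11434}
{"ts":"2025-09-01T10:00:00","host":"ws2","pid":901,"image":"sync","type":"net_connect","dport":11434}
{"ts":"2025-09-01T10:05:00","host":"ws1","pid":777,"image":"updater","type":"net_connect","dport":11434}
{"ts":"2025-09-01T10:05:10","host":"ws1","pid":777,"image":"updater","type":"net_connect","dport":443}
{"ts":"2025-09-01T10:05:20","host":"ws1","pid":777,"image":"updater","type":"file_create","path":"/tmp/a.lua"}
{"ts":"2025-09-01T10:06:00","host":"ws2","pid":900,"image":"editor","type":"file_create","path":"/home/u/init.lua"}
{"ts":"2025-09-01T10:30:00","host":"ws2","pid":901,"image":"sync","type":"file_create","path":"/tmp/x.lua"}
"""

def find_suspects(lines):
    """Return sorted (host, pid, image) tuples for non-allowlisted processes that
    connected to the Ollama API and then created a .lua file within WINDOW."""
    last_llm_call = {}   # (host, pid) -> time of the most recent Ollama connection
    suspects = set()
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        if ev["image"].lower() in ALLOWED_CLIENTS:
            continue     # approved clients are expected to talk to the API
        key = (ev["host"], ev["pid"])
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "net_connect" and ev.get("dport") == OLLAMA_PORT:
            last_llm_call[key] = ts
        elif ev["type"] == "file_create" and ev.get("path", "").lower().endswith(".lua"):
            seen = last_llm_call.get(key)
            # Flag only when the script appears shortly after the model call.
            if seen is not None and timedelta(0) <= ts - seen <= WINDOW:
                suspects.add((ev["host"], ev["pid"], ev["image"]))
    return sorted(suspects)

if __name__ == "__main__":
    for host, pid, image in find_suspects(SAMPLE_EVENTS.splitlines()):
        print(f"ALERT host={host} pid={pid} image={image}: Ollama API call then .lua write")
```

On hosts where Lua tooling or local LLM clients are in legitimate use, the allowlist and window need tuning before this correlation is useful as an alert.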


