
Ransomware Has Evolved. AI is the New Weapon

  • Writer: Adam Sewall

A discovery by Anton Cherepanov, a researcher at ESET, has revealed what may be the first AI-powered ransomware variant, codenamed PromptLock. This aligns with predictions that generative AI would be used this year to facilitate malicious scripts and exploits.


Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in real time. The open-weight language model was released by OpenAI earlier this month.


This demonstrates the ease and speed with which AI can produce effective malicious code. While OpenAI shut down account access, that will not mitigate this type of threat: the prompts were hard-coded into the malware. Although we do not consider this variant a serious threat, it suggests that attacks of greater volume and speed are likely forthcoming.


PromptLock leverages Lua scripts generated from hard-coded prompts to enumerate the local filesystem, inspect target files, exfiltrate selected data, and perform encryption, according to ESET. These Lua scripts are cross-platform compatible, functioning on Windows, Linux, and macOS.
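
As an added example (not from ESET's research or from this post's author), the sketch below shows one way a defender could hunt for the behavior described above: a process that is not an approved LLM client calling an Ollama API. The event fields, the allowlist, and the sample log lines are constructed assumptions; 11434 is Ollama's default port, and `/api/generate` and `/api/chat` are its text-generation endpoints.

```python
import json

OLLAMA_PORT = 11434  # Ollama's default API port
GENERATION_PATHS = ("/api/generate", "/api/chat")
# Hypothetical allowlist: binaries this site expects to talk to Ollama.
APPROVED_CLIENTS = {"/usr/local/bin/ollama", "/opt/chatui/bin/chatui"}

# Constructed sample telemetry (one JSON event per line), not real logs.
SAMPLE_EVENTS = """\
{"host":"ws-12","image":"/usr/local/bin/ollama","dest_port":11434,"http_path":"/api/generate","model":"llama3"}
{"host":"ws-12","image":"/tmp/updater","dest_port":11434,"http_path":"/api/generate","model":"gpt-oss:20b"}
{"host":"srv-03","image":"/usr/bin/curl","dest_port":443,"http_path":"/api/generate","model":null}
{"host":"srv-03","image":"/home/dev/a.out","dest_port":11434,"http_path":"/api/tags","model":null}
not-json garbage line
"""


def find_unapproved_llm_clients(lines, approved=APPROVED_CLIENTS):
    """Return alerts for non-allowlisted processes using the Ollama API."""
    alerts = []
    for raw in lines:
        try:
            ev = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip malformed telemetry rather than abort the hunt
        if not isinstance(ev, dict) or ev.get("dest_port") != OLLAMA_PORT:
            continue  # not a connection to the Ollama API port
        if ev.get("image") in approved:
            continue  # expected client, nothing to report
        generating = str(ev.get("http_path", "")).startswith(GENERATION_PATHS)
        alerts.append({
            "host": ev.get("host"),
            "image": ev.get("image"),
            "model": ev.get("model"),
            # An unknown binary requesting generated text is the pattern
            # described above; other API calls rank lower.
            "severity": "high" if generating else "low",
        })
    return alerts


if __name__ == "__main__":
    for alert in find_unapproved_llm_clients(SAMPLE_EVENTS.splitlines()):
        print(alert)
```

On hosts where no LLM runtime is expected at all, an empty allowlist turns any Ollama API traffic into an alert.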


The ransomware also embeds instructions to craft a custom ransom note based on the "files affected," regardless of whether the infected machine is a personal computer, company server, or even a power distribution controller. It is not yet known who is behind the malware, but ESET told The Hacker News that PromptLock artifacts were uploaded to VirusTotal from the United States on August 25, 2025.


Interestingly, researchers at Cyberleaf are testing penetration tools that include observation and analysis of prompts to mitigate jailbreaking, poisoning, and exfiltration of sensitive data via AI chats and prompts.


For more information, reach out to us directly through the usual channels. A sample of the prompt is available from our team.


Be safe out there!

 
 