Cybersecurity researchers have identified what is believed to be the first ransomware strain powered by artificial intelligence, dubbed 'PromptLock.' This novel malware utilizes OpenAI's gpt-oss-20b model locally via the Ollama API to dynamically generate malicious Lua scripts. While currently considered a proof-of-concept, PromptLock's discovery signals a significant shift in malware development, demonstrating how readily available AI tools can automate and enhance cyber threats.

Key Takeaways

• PromptLock is the first known ransomware to use an AI model (OpenAI's gpt-oss-20b) to generate malicious code.

• It leverages Lua scripts, created on-the-fly from hard-coded prompts, for tasks like file enumeration, exfiltration, and encryption.

• The malware is written in Golang and has variants for both Windows and Linux.

• While not yet deployed in active attacks, it represents a potential future threat that could complicate detection and defense.

How PromptLock Operates

PromptLock's innovative approach involves using a locally run instance of OpenAI's gpt-oss-20b model. This AI model is instructed through specific prompts to generate Lua scripts. These scripts are designed to be cross-platform compatible, functioning across Windows, Linux, and macOS. The generated scripts then perform various malicious actions, including:

• System Enumeration: Gathering information about the infected system, such as the operating system, username, and hostname.

• File System Inspection: Scanning local files to identify targets, potentially looking for sensitive data.

• Data Exfiltration: Copying selected data from the compromised system.

• Encryption: Encrypting files using the SPECK 128-bit encryption algorithm.

ESET researchers noted that while a data destruction function appears to be defined within the malware, it has not yet been implemented. The use of AI-generated scripts means that indicators of compromise (IoCs) can vary with each execution, posing a significant challenge for traditional detection methods.

Implications and Future Concerns

Although PromptLock is currently assessed as a proof-of-concept or work-in-progress, its existence highlights a growing trend of threat actors integrating AI into their operations. AI's ability to automate tasks, craft convincing phishing content, and potentially adapt malware on the fly could lead to more sophisticated and evasive cyberattacks. Security experts warn that as AI models become more accessible and powerful, the cybersecurity community must prepare for a new era of dynamic, AI-driven malware that could significantly increase the volume and impact of ransomware campaigns.

Sources

• First known AI-powered ransomware uncovered by ESET Research, WeLiveSecurity.

• Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and ituses OpenAI’s gpt-oss-20b model, IT Pro.

• First AI Ransomware ‘PromptLock’ Uses OpenAI gpt-oss-20b Model for Encryption, CyberSecurityNews.

• Someone Created the First AI-Powered Ransomware Using OpenAI's gpt-oss:20b Model, The Hacker News.

• First AI-powered ransomware PoC spotted • The Register, The Register.