Cybersecurity researchers have discovered PromptLock, a proof-of-concept ransomware that leverages AI to generate malicious scripts. Written in Go, PromptLock uses OpenAI's GPT-OSS:20b model via the Ollama API to create Lua scripts on the fly. These scripts are designed to enumerate file systems, inspect files, exfiltrate data, and perform encryption across Windows, Linux, and macOS. The malware uses hard-coded prompts to generate the scripts, introducing variability that complicates threat detection.
PromptLock employs the SPECK 128-bit encryption algorithm to lock files. While the ransomware has the potential to exfiltrate or destroy data, the destruction functionality is not yet fully implemented. The discovery highlights how AI tools can automate and enhance ransomware attacks, potentially adapting tactics and increasing speed.
Although PromptLock is currently a proof-of-concept, its emergence signals a new era of AI-powered cyber threats. The use of AI to generate attack scripts in real-time could significantly challenge traditional detection methods, requiring defenders to adapt to more dynamic and sophisticated threats.
Related Articles
Claude AI thwarts cyberattacks
Read more about Claude AI thwarts cyberattacks →
DeepSeek releases V3.1 model
Read more about DeepSeek releases V3.1 model →
Altman Acknowledges AI Market Bubble
Read more about Altman Acknowledges AI Market Bubble →
OpenAI unveils GPT-5 Enterprise
Read more about OpenAI unveils GPT-5 Enterprise →