Cybersecurity researchers have discovered PromptLock, a proof-of-concept ransomware that leverages AI to generate malicious scripts. Written in Go, PromptLock uses OpenAI's GPT-OSS:20b model via the Ollama API to create Lua scripts on the fly. These scripts are designed to enumerate file systems, inspect files, exfiltrate data, and perform encryption across Windows, Linux, and macOS. The malware uses hard-coded prompts to generate the scripts, introducing variability that complicates threat detection.
PromptLock employs the SPECK 128-bit encryption algorithm to lock files. While the ransomware has the potential to exfiltrate or destroy data, the destruction functionality is not yet fully implemented. The discovery highlights how AI tools can automate and enhance ransomware attacks, potentially adapting tactics and increasing speed.
Although PromptLock is currently a proof-of-concept, its emergence signals a new era of AI-powered cyber threats. The use of AI to generate attack scripts in real-time could significantly challenge traditional detection methods, requiring defenders to adapt to more dynamic and sophisticated threats.
Subscribe for Weekly Updates
Stay ahead with our weekly AI and tech briefings, delivered every Tuesday.
