Newly discovered AI-powered ransomware is a sign of things to come, but researchers say there isn’t cause to panic just yet.
Cybersecurity company ESET shared its discovery of new malware dubbed PromptLock this week. It uses an OpenAI model on the Ollama API to automate malicious scripts.
However, Senior Malware Researcher Anton Cherepanov told The Stack: “Although it shows a certain level of sophistication and novelty, the current implementation does not pose a serious threat.”
Proof of concept
PromptLock was discovered via crowdsourced malware monitoring platform VirusTotal but is believed to be a “proof of concept”, despite both Windows and Linux variants being found online.
Cherepanov said the tool nevertheless highlighted a “significant shift in the cyber threat landscape” as AI makes it easier to launch sophisticated attacks with self-adapting malware.
“If properly implemented, such threats could severely complicate detection and make the work of cybersecurity defenders considerably more challenging,” he added.
PromptLock
PromptLock provides insight into how these tools could work in practice. It uses OpenAI’s open-weight gpt-oss:20b model via the Ollama API to generate malicious Lua scripts from hard-coded prompts.
To avoid downloading the entire model to an affected system, attackers can establish a proxy or tunnel from the network to a server running the Ollama API.
ESET said it has not had communication with OpenAI or Ollama about its discovery.
It explained that the generated Lua scripts are able to enumerate the local file system, inspect target files, exfiltrate data, and perform encryption using the SPECK 128-bit algorithm across Windows, Linux and macOS systems.
Interrogation of the malware also showed it was capable of destroying data and generating a ransom note, getting the LLM to cooperate by telling it “you are a cybersecurity expert” and asking for “what an attacker note might look like.”
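A defender-side check for the Ollama API traffic described above, as an added example that is not from ESET or the original article. It assumes a hypothetical proxy/EDR event schema, site-specific allowlists and constructed sample events; port 11434 and the `/api/generate` and `/api/chat` paths are Ollama's defaults.

```python
import json

OLLAMA_PATHS = {"/api/generate", "/api/chat"}  # Ollama text-generation endpoints
OLLAMA_PORT = 11434                            # Ollama's default listening port
WATCHED_MODELS = {"gpt-oss:20b"}               # model named in the article
# Assumptions: site-specific allowlists of sanctioned LLM clients and servers.
APPROVED_CLIENTS = {"ml-dev-01"}
APPROVED_SERVERS = {"10.0.5.20"}

# Constructed events in a hypothetical proxy/EDR schema (not real telemetry).
EVENTS = [
    {"host": "ml-dev-01", "proc": "python3", "dst": "10.0.5.20", "port": 11434,
     "path": "/api/generate", "body": '{"model": "llama3.1:8b", "prompt": "..."}'},
    {"host": "fin-ws-17", "proc": "unknown.bin", "dst": "203.0.113.44", "port": 11434,
     "path": "/api/generate", "body": '{"model": "gpt-oss:20b", "prompt": "..."}'},
    {"host": "hr-ws-03", "proc": "chrome", "dst": "198.51.100.7", "port": 443,
     "path": "/index.html", "body": ""},
    # Local tunnel endpoint on a non-default port: only the path gives it away.
    {"host": "fin-ws-22", "proc": "svc.exe", "dst": "127.0.0.1", "port": 8080,
     "path": "/api/chat", "body": "not-json"},
]

def requested_model(body):
    """Return the 'model' field of an Ollama request body, or None."""
    try:
        doc = json.loads(body)
    except (ValueError, TypeError):
        return None
    return doc.get("model") if isinstance(doc, dict) else None

def score_event(ev):
    """Return the reasons an event looks like unsanctioned Ollama API use."""
    if ev["path"] not in OLLAMA_PATHS and ev["port"] != OLLAMA_PORT:
        return []
    reasons = []
    if ev["host"] not in APPROVED_CLIENTS:
        reasons.append("unapproved client")
    if ev["dst"] not in APPROVED_SERVERS:
        reasons.append("unapproved server")
    if requested_model(ev["body"]) in WATCHED_MODELS:
        reasons.append("watched model")  # a weak signal on its own
    return reasons

def triage(events):
    """Map host -> reasons for every event with at least one finding."""
    return {ev["host"]: r for ev in events if (r := score_event(ev))}

if __name__ == "__main__":
    for host, reasons in triage(EVENTS).items():
        print(host, "->", ", ".join(reasons))
```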

Alarms about AI-powered malware have already been raised by most cybersecurity experts, with the industry seeing a rise in threat actors using AI to facilitate quicker, more complex attacks.
In a blog post, Cherepanov said the rise of AI malware could also put the public at greater risk of attack, adding “the average person may face higher risks of data theft, financial loss and service disruptions.”
While the technology will make attacks harder to detect, he told The Stack the executables responsible for generating the Lua scripts in PromptLock remain consistent.
This means that, for now, “robust security solutions could flag these executables as malicious.”