28 August, 2025

Security researchers at ESET have identified the first known instance of AI-powered ransomware, dubbed PromptLock. This development raises significant alarms regarding the evolving landscape of cyber threats, particularly as generative AI becomes increasingly integrated into malicious activities.

The researchers, Peter Strycek and Anton Cherepanov, described PromptLock as a proof of concept that utilizes Lua scripts generated from hard-coded prompts. This malware can scan local filesystems, analyze target files, exfiltrate chosen data, and encrypt sensitive information. Although it is primarily a proof-of-concept, the implications for cybersecurity are profound.

How PromptLock Operates

PromptLock leverages OpenAI’s gpt-oss:20b model, which was publicly released in August 2025. This model operates locally through the Ollama API, allowing it to produce malicious Lua scripts dynamically. The cross-platform compatibility of Lua scripts means that PromptLock can function on various operating systems, including macOS, Linux, and Windows. Once it scans user files, the ransomware can determine which data it deems valuable for exfiltration or encryption.
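The chain described above (a process querying a locally hosted model through the Ollama API, then running the Lua it produced) is the stable part of the behaviour even though the generated script differs from run to run. The following detection heuristic is an added example written for this article, not ESET's code or anything from the sample; the telemetry schema and the events are constructed, and the Ollama default loopback endpoint 127.0.0.1:11434 is assumed from Ollama's own defaults rather than stated in the article.

```python
from collections import defaultdict

# Ollama's default bind address (assumption, not from the article).
OLLAMA_DEFAULT = "127.0.0.1:11434"
LUA_IMAGES = {"lua", "lua5.3", "lua5.4", "luajit", "lua.exe", "lua54.exe", "luajit.exe"}
WINDOW_SEC = 120  # seconds between the model call and the Lua launch


def is_local_llm_call(ev):
    """Network event from a process to the local Ollama API endpoint."""
    return ev["kind"] == "net" and ev.get("dst") == OLLAMA_DEFAULT


def is_lua_launch(ev):
    """Process-creation event whose image is a Lua interpreter."""
    return ev["kind"] == "exec" and ev.get("image", "").lower() in LUA_IMAGES


def find_llm_to_lua_chains(events, window=WINDOW_SEC):
    """Per host: a local LLM API call followed within `window` seconds by a Lua
    interpreter started by (or as) the same process. Keys on process lineage and
    timing, not on script content, which changes between model runs."""
    calls = defaultdict(list)  # host -> [(ts, pid)] of LLM API calls
    ordered = sorted(events, key=lambda e: e["ts"])
    for ev in ordered:
        if is_local_llm_call(ev):
            calls[ev["host"]].append((ev["ts"], ev["pid"]))
    hits = []
    for ev in ordered:
        if not is_lua_launch(ev):
            continue
        for ts, pid in calls[ev["host"]]:
            same_lineage = pid in (ev["pid"], ev.get("ppid"))
            if same_lineage and 0 <= ev["ts"] - ts <= window:
                hits.append({"host": ev["host"], "llm_pid": pid,
                             "lua_pid": ev["pid"], "delta_sec": ev["ts"] - ts})
                break
    return hits


# Constructed telemetry for illustration; no real hosts or indicators.
SAMPLE_EVENTS = [
    {"ts": 100, "host": "wks-01", "pid": 4242, "kind": "net", "dst": OLLAMA_DEFAULT},
    {"ts": 130, "host": "wks-01", "pid": 4243, "ppid": 4242, "kind": "exec", "image": "lua5.4"},
    {"ts": 200, "host": "dev-02", "pid": 77, "kind": "net", "dst": OLLAMA_DEFAULT},  # developer using Ollama
    {"ts": 900, "host": "dev-02", "pid": 78, "ppid": 77, "kind": "exec", "image": "python3"},
    {"ts": 300, "host": "build-03", "pid": 9, "ppid": 1, "kind": "exec", "image": "luajit"},  # Lua, no LLM call
]

if __name__ == "__main__":
    for hit in find_llm_to_lua_chains(SAMPLE_EVENTS):
        print(f"{hit['host']}: pid {hit['llm_pid']} called local LLM, "
              f"pid {hit['lua_pid']} ran Lua {hit['delta_sec']}s later")
```

Only the first host is flagged: the developer's Ollama session spawns no Lua, and the build host runs Lua without any model call.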

The researchers noted the necessity of alerting the cybersecurity community to such developments, stating, “Although multiple indicators suggest the sample is a proof-of-concept or work-in-progress rather than fully operational malware deployed in the wild, we believe it is our responsibility to inform the cybersecurity community about such developments.”

Implications for Cybersecurity

The emergence of PromptLock is a clear indication of how generative AI is transforming the capabilities of cybercriminals. Security experts have been warning for months that AI-enhanced ransomware was on the horizon, and while PromptLock has yet to be observed targeting victims, it is only a matter of time before it surfaces in real-world attacks.

The unpredictable nature of large language models (LLMs) complicates detection for cybersecurity teams. Because an LLM can produce different output even from an identical prompt, the generated malicious code varies from run to run, which undermines detection that relies on matching known script content and makes the attack harder to predict and counter. This unpredictability not only lowers the entry barrier for inexperienced hackers but also raises the overall threat level in the cyber landscape.

As cyber threats evolve, security teams must remain vigilant and adaptive to new technologies employed by attackers. The advent of AI-powered ransomware like PromptLock serves as a stark reminder of the challenges that lie ahead in safeguarding sensitive data and maintaining cybersecurity in a rapidly changing environment.