Threat researchers have identified PromptLock, an AI-powered ransomware that uses Lua scripts generated via OpenAI’s gpt-oss:20b model to target multiple operating systems. Although currently a proof-of-concept, it demonstrates how AI can be weaponized for cybercriminal activities, leveraging cross-platform capabilities and evasion techniques.
Key points
- PromptLock is the first AI-powered ransomware utilizing Lua scripts for data theft and encryption.
- The malware dynamically generates malicious scripts using OpenAI’s gpt-oss:20b model accessed through the Ollama API.
- It uses the lightweight SPECK 128-bit encryption algorithm, which is unusual for ransomware purposes.
- Currently, PromptLock appears to be a concept or proof-of-concept, not an active threat in the wild.
- The development signifies increasing potential for AI integration in malware workflows and cybercrime tools.