ESET has announced the discovery of PromptLock, an AI-powered ransomware that uses OpenAIβs gpt-oss:20b model to generate malicious Lua scripts across multiple platforms. This proof-of-concept malware demonstrates how AI can complicate detection, exfiltrate data, and encrypt files, highlighting emerging cybersecurity threats associated with AI technology. #PromptLock #OllamaAPI
Keypoints
- PromptLock is an AI-powered ransomware leveraging local AI models via the Ollama API to generate malicious scripts.
- It uses Lua scripts that can operate across Windows, Linux, and macOS to perform file enumeration, exfiltration, and encryption.
- The ransomware employs the SPECK 128-bit encryption algorithm to lock files, although it may also exfiltrate or destroy data.
- This malware case highlights how AI can significantly hinder threat detection due to variable indicators of compromise.
- The development signifies an increasing trend of cybercriminals using AI for malware creation and evasive tactics.
Read More: https://thehackernews.com/2025/08/someone-created-first-ai-powered.html