ESET warns of PromptLock, the first AI-driven ransomware

ESET found PromptLock, the first AI-driven ransomware, using OpenAI’s gpt-oss:20b via Ollama to generate and run malicious Lua scripts.

In a series of messages published on X, ESET Research announced the discovery of the first known AI-powered ransomware, named PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly and execute them.

PromptLock uses AI-generated Lua scripts to scan files, steal data, and encrypt them. The Lua scripts are multi-platform and can run on Windows, Linux, and macOS. The ransomware itself is written in Golang; ESET has identified both Windows and Linux variants uploaded to VirusTotal.
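The behaviour described above (a process talking to a local Ollama API and then running freshly generated Lua) is something endpoint telemetry can surface. The following is an added detection example, not code from ESET or from the article; it assumes JSON-lines host telemetry with the field names shown, a hypothetical allowlist of sanctioned LLM clients, and Ollama's default port 11434. The sample log lines are constructed for the example.

```python
"""Flag processes that use a local LLM API and then spawn a script interpreter.

Added example (not from the article). Telemetry schema, allowlist and
sample events are assumptions constructed for illustration.
"""
import json

OLLAMA_PORT = 11434                                   # Ollama's default API port
LOOPBACK = {"127.0.0.1", "::1", "localhost"}
KNOWN_LLM_CLIENTS = {"ollama", "open-webui"}          # hypothetical allowlist of sanctioned clients
SCRIPT_INTERPRETERS = {"lua", "lua5.4", "luajit"}     # interpreters the PromptLock report mentions (Lua)

# Constructed sample telemetry, not real logs.
SAMPLE_LOG = """\
{"ts":"2025-08-27T10:00:01Z","type":"net_connect","pid":4021,"image":"open-webui","dst":"127.0.0.1","dport":11434}
{"ts":"2025-08-27T10:00:05Z","type":"net_connect","pid":5177,"image":"updater","dst":"127.0.0.1","dport":11434}
{"ts":"2025-08-27T10:00:06Z","type":"proc_exec","pid":5190,"ppid":5177,"image":"lua","cmdline":"lua /tmp/.cache/gen.lua"}
{"ts":"2025-08-27T10:00:07Z","type":"net_connect","pid":6003,"image":"curl","dst":"93.184.216.34","dport":443}
"""


def parse_events(text):
    """Parse JSON-lines telemetry into a list of event dicts, skipping blank lines."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if line:
            events.append(json.loads(line))
    return events


def find_suspicious(events):
    """Return findings for (1) non-allowlisted processes calling the local LLM API
    and (2) script interpreters spawned by such a process."""
    findings = []
    llm_callers = {}  # pid -> image, for unsanctioned processes seen talking to the LLM API
    for ev in events:
        if (ev["type"] == "net_connect"
                and ev["dport"] == OLLAMA_PORT
                and ev["dst"] in LOOPBACK
                and ev["image"] not in KNOWN_LLM_CLIENTS):
            llm_callers[ev["pid"]] = ev["image"]
            findings.append({
                "rule": "unsanctioned_llm_api_client",
                "pid": ev["pid"],
                "image": ev["image"],
            })
        elif ev["type"] == "proc_exec" and ev["image"] in SCRIPT_INTERPRETERS:
            parent = ev.get("ppid")
            if parent in llm_callers:
                findings.append({
                    "rule": "llm_client_spawned_script_interpreter",
                    "pid": ev["pid"],
                    "parent_image": llm_callers[parent],
                    "cmdline": ev["cmdline"],
                })
    return findings


if __name__ == "__main__":
    for finding in find_suspicious(parse_events(SAMPLE_LOG)):
        print(json.dumps(finding))
```

The second rule is the higher-signal one: a legitimate LLM front end rarely hands its model output straight to an interpreter, so a parent that both queries the local model and launches `lua` is worth an alert even when the first rule alone would be noisy on developer workstations.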

PromptLock can steal or encrypt user data; the experts also noticed that a data destruction feature was present but not yet implemented.

“Based on the detected user files, the malware may exfiltrate data, encrypt it, or potentially destroy it. Although the destruction functionality appears to be not yet implemented. #Bitcoin address used in the prompt appears to belong to Bitcoin creator Satoshi Nakamoto,” states ESET Research.

PromptLock ransomware utilizes the SPECK 128-bit encryption algorithm. ESET experts believe the malicious code is likely a PoC or work-in-progress, but warn the cybersecurity community of its potential risks.


Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)