Warning: AI-Powered Ransomware Is Real and in the Wild

Warning: AI-powered ransomware is real and in the wild

As if there weren't enough privacy concerns in the world, AI ransomware is now reportedly a thing. Cybersecurity firm ESET said that it discovered the first-ever AI-powered ransomware, which it has dubbed PromptLock. "The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes," the company wrote. The ransomware, according to ESET, runs locally on d…

ESET discovers PromptLock, the first AI-powered ransomware - Journal of Cyber Policy

DUBAI , DUBAI, UNITED ARAB EMIRATES, August 30, 2025 /EINPresswire.com/ — ESET researchers have uncovered a new type of ransomware that leverages generative artificial intelligence (GenAI) to execute attacks. Named PromptLock, the malware runs a locally accessible AI language model to generate malicious scripts in real time. During infection, the AI autonomously decides which files to search, copy, or encrypt — marking a potential turning point …

AI-Powered Ransomware "PromptLock" Marks a Dangerous New Chapter in Cybercrime

ESET researchers have uncovered what may be the first ransomware family to weaponize an open-weight large language model in real time, raising the stakes in the cat-and-mouse race between attackers and defenders.The malware, dubbed PromptLock, is written in Golang and calls OpenAI’s recently released gpt-oss:20b model via the Ollama API. Instead of shipping with static code, PromptLock generates Lua scripts on the fly to scan files, exfiltrate s…