
ESET Uncovers “PromptLock” AI-Driven Ransomware Threat

Summary

– ESET discovered the first known AI-powered ransomware, named PromptLock, which generates malicious scripts on infected machines using an AI model.
– The ransomware is written in Go and appears to be a proof-of-concept or work-in-progress rather than fully functional malware deployed in the wild.
– PromptLock uses the GPT-OSS:20b AI model via the Ollama API to generate Lua scripts that enumerate files, exfiltrate data, and encrypt files using the NSA-developed SPECK algorithm.
– The generated Lua scripts are cross-platform and can run on Windows, macOS, and Linux, but the ransomware’s destructive functionality is not yet implemented.
– An attacker can connect through a proxy or tunnel from a compromised network to a server running the Ollama API, and the Bitcoin address in the prompt is associated with Satoshi Nakamoto.

Cybersecurity researchers at ESET have identified a novel ransomware strain named PromptLock, marking what appears to be the first publicly documented case of AI-driven ransomware capable of generating malicious scripts dynamically on infected systems. This development underscores a growing trend of threat actors incorporating artificial intelligence into their attack toolkits, raising new challenges for defensive strategies.

The malware, written in the Go programming language, has been shared via Google’s VirusTotal platform, allowing other security experts to analyze its behavior. Current evidence suggests that PromptLock remains in a developmental or proof-of-concept stage rather than being actively deployed in real-world attacks. Its architecture relies on accessing the open-source GPT-OSS:20b model from OpenAI through the Ollama API to produce Lua-based scripts tailored for malicious activity.

Notably, the ransomware avoids downloading the AI model, which spans several gigabytes, onto compromised devices. Instead, attackers can route requests through a proxy or tunnel from an infected network to a server already running the Ollama service. This design keeps the local footprint small and complicates detection.

Using hard-coded prompts, PromptLock generates Lua scripts that perform a range of hostile actions: scanning the local file system, inspecting specific files, exfiltrating sensitive data, and encrypting content. One of the prompts instructs the AI to implement the NSA-developed SPECK encryption algorithm, a 128-bit cipher chosen because it encrypts files quickly.

The cross-platform nature of Lua allows these scripts to operate across Windows, macOS, and Linux environments, broadening the potential impact of the threat. Although the malware includes code for destructive functions, these capabilities do not appear to be active in the current samples.

An intriguing detail within the code is the use of a Bitcoin address linked to Satoshi Nakamoto, the pseudonymous creator of Bitcoin. This may serve as a placeholder or an attempt to obscure the attacker’s actual payment destination.

ESET continues to analyze PromptLock and its implications for the cybersecurity landscape, emphasizing the need for advanced behavioral detection and robust network monitoring to counter AI-augmented threats.
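The architecture described above (a compromised host reaching an Ollama server through a proxy or tunnel) leaves a network trace that the "robust network monitoring" ESET calls for can pick up. The following is an added example, not ESET's analysis code or anything from the PromptLock sample: it scans constructed proxy log lines for traffic that looks like Ollama API use from hosts that have no business talking to an LLM server. The Ollama default port (11434) and the `/api/generate`, `/api/chat`, `/api/tags` and `/api/pull` endpoints are the server's documented defaults; the pipe-separated log format, the sample records and the client allowlist are assumptions made for this example.

```python
"""Flag proxy/flow records consistent with Ollama API use from unexpected hosts.

Added defensive example. The log format, sample lines and allowlist below are
constructed for illustration; only the Ollama port and endpoint names are real.
"""
import re
from dataclasses import dataclass

OLLAMA_DEFAULT_PORT = 11434
OLLAMA_PATHS = ("/api/generate", "/api/chat", "/api/tags", "/api/pull")

# Hosts that are permitted to talk to an LLM server (assumed, for illustration).
ALLOWED_CLIENTS = {"10.0.5.20"}

# Constructed sample proxy log lines: timestamp|src_ip|dst_host|dst_port|method|path
SAMPLE_LOG = """\
2025-08-27T10:01:02Z|10.0.5.20|llm-dev.internal|11434|POST|/api/generate
2025-08-27T10:03:14Z|10.0.7.41|203.0.113.8|11434|POST|/api/generate
2025-08-27T10:03:15Z|10.0.7.41|203.0.113.8|11434|POST|/api/generate
2025-08-27T10:04:00Z|10.0.7.41|203.0.113.8|443|POST|/api/chat
2025-08-27T10:05:30Z|10.0.9.9|intranet.internal|443|GET|/index.html
2025-08-27T10:06:11Z|10.0.7.41|203.0.113.8|11434|GET|/api/tags
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\|(?P<src>[^|]+)\|(?P<dst>[^|]+)\|(?P<port>\d+)\|(?P<method>\w+)\|(?P<path>\S+)$"
)


@dataclass(frozen=True)
class Alert:
    src_ip: str
    dst: str
    reason: str


def parse_line(line):
    """Parse one pipe-separated record; return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["port"] = int(rec["port"])
    return rec


def classify(rec):
    """Return a reason string if the record looks like Ollama API traffic, else None.

    A matching path on a non-default port is still reported: an operator who
    fronts Ollama with a TLS proxy (as the article describes) changes the port,
    not the API paths.
    """
    port_hit = rec["port"] == OLLAMA_DEFAULT_PORT
    path_hit = rec["path"] in OLLAMA_PATHS
    if port_hit and path_hit:
        return "ollama-port-and-path"
    if path_hit:
        return "ollama-path-nonstandard-port"
    if port_hit:
        return "ollama-port"
    return None


def detect(log_text, allowed=ALLOWED_CLIENTS):
    """Return alerts for Ollama-like traffic from sources outside the allowlist."""
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        reason = classify(rec)
        if reason and rec["src"] not in allowed:
            alerts.append(Alert(rec["src"], f'{rec["dst"]}:{rec["port"]}', reason))
    return alerts


def summarize(alerts):
    """Collapse alerts to per-source counts so a chatty host surfaces once."""
    counts = {}
    for a in alerts:
        counts[a.src_ip] = counts.get(a.src_ip, 0) + 1
    return counts


if __name__ == "__main__":
    found = detect(SAMPLE_LOG)
    for a in found:
        print(a)
    print(summarize(found))  # {'10.0.7.41': 4}
```

On the constructed sample the allowlisted development host is ignored, while 10.0.7.41 is flagged four times, including once on port 443, which is the case a port-only rule would miss when the attacker tunnels the API over an ordinary HTTPS port.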

(Source: ITNews)
