Cybersecurity researchers at ESET have identified PromptLock, the first known ransomware that uses a large language model to generate its malicious components. PromptLock drives OpenAI's open-weight `gpt-oss:20b` model through the Ollama API to produce custom, cross-platform Lua scripts at runtime, a notable step in the evolution of malware design.
PromptLock is currently a proof-of-concept (PoC) and has not been observed in active campaigns, but its architecture shows how threat actors are starting to fold local large language models (LLMs) into malware to make it more dynamic and harder to detect.
On-the-Fly Code Generation
Unlike traditional ransomware, which ships with its malicious logic pre-compiled into the binary, PromptLock carries hard-coded prompts that it feeds to a locally running `gpt-oss:20b` model. The model returns Lua scripts, which the malware then executes, so the code that actually runs on a victim is produced at runtime rather than embedded in the sample. The generated scripts cover:
– System enumeration: gathering OS type, username, hostname and current working directory, with the same script working across Windows, Linux and macOS.
– File system inspection: scanning the local filesystem to identify target files and inspect their contents, looking specifically for personally identifiable information (PII) or other sensitive data.
– Data exfiltration and encryption: once targets are identified, generating scripts that exfiltrate the files and then encrypt them.
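This architecture hands defenders a signal that does not depend on the generated Lua: every script is preceded by a request to the Ollama API, so endpoint or proxy telemetry showing an unexpected process talking to an Ollama endpoint is worth alerting on. The script below is an added illustration of that check, not ESET's detection content and not PromptLock's code. It runs over constructed sample events in a hypothetical Sysmon-like JSON schema; the field names, the allowlist of expected model clients, and port 11434 (Ollama's default listening port) are assumptions about the deployment.

```python
import json
from collections import defaultdict

# Added defensive example (not ESET's detection logic, not PromptLock code).
# Assumption: Ollama listens on its default port 11434 and is driven through its
# HTTP API (/api/generate for raw completions, /api/chat for chat).
OLLAMA_PORT = 11434
OLLAMA_GENERATION_PATHS = ("/api/generate", "/api/chat")

# Hypothetical allowlist: processes that are expected to talk to the local model server.
ALLOWED_CLIENTS = {
    r"C:\Program Files\OpenWebUI\open-webui.exe",
    "/usr/local/bin/ollama",
}

# Constructed sample telemetry (one JSON object per outbound connection); not real data.
# "http_path" is only present when a proxy or EDR decoded the HTTP request.
SAMPLE_EVENTS = r"""
{"ts":"2025-08-26T09:00:01Z","host":"ws01","image":"C:\\Program Files\\OpenWebUI\\open-webui.exe","pid":4120,"dest_ip":"127.0.0.1","dest_port":11434,"http_path":"/api/chat"}
{"ts":"2025-08-26T09:00:07Z","host":"ws01","image":"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe","pid":2210,"dest_ip":"142.250.74.46","dest_port":443,"http_path":null}
{"ts":"2025-08-26T09:02:13Z","host":"ws01","image":"C:\\Users\\Public\\svc_update.exe","pid":6688,"dest_ip":"127.0.0.1","dest_port":11434,"http_path":"/api/generate"}
{"ts":"2025-08-26T09:02:14Z","host":"ws01","image":"C:\\Users\\Public\\svc_update.exe","pid":6688,"dest_ip":"127.0.0.1","dest_port":11434,"http_path":"/api/generate"}
{"ts":"2025-08-26T09:02:15Z","host":"ws01","image":"C:\\Users\\Public\\svc_update.exe","pid":6688,"dest_ip":"127.0.0.1","dest_port":11434,"http_path":"/api/generate"}
{"ts":"2025-08-26T09:05:40Z","host":"srv02","image":"/tmp/.cache/agent","pid":31002,"dest_ip":"10.0.0.5","dest_port":11434,"http_path":"/api/generate"}
"""


def is_model_api_call(ev: dict) -> bool:
    """True when the connection hits Ollama's port or one of its generation endpoints."""
    if ev.get("dest_port") == OLLAMA_PORT:
        return True
    path = ev.get("http_path") or ""
    return path.startswith(OLLAMA_GENERATION_PATHS)


def detect_unexpected_model_clients(jsonl: str, allowlist=ALLOWED_CLIENTS) -> list:
    """One finding per (host, image, pid) that calls the model API without being an
    expected client. A burst of prompt calls from one process (one request per
    generated script) is the PromptLock-like shape, so the call count is reported."""
    allowed = {p.lower() for p in allowlist}
    calls = defaultdict(list)
    for line in jsonl.strip().splitlines():
        ev = json.loads(line)
        if not is_model_api_call(ev):
            continue
        if ev["image"].lower() in allowed:
            continue
        calls[(ev["host"], ev["image"], ev["pid"])].append(ev)

    findings = []
    for (host, image, pid), evs in calls.items():
        reasons = ["process not in model-client allowlist"]
        if any(ev["dest_ip"] not in ("127.0.0.1", "::1") for ev in evs):
            reasons.append("model server not on loopback (remote or tunnelled Ollama)")
        if len(evs) >= 3:
            reasons.append(f"{len(evs)} prompt calls from one process")
        findings.append({"host": host, "image": image, "pid": pid,
                         "calls": len(evs), "first_seen": evs[0]["ts"],
                         "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in detect_unexpected_model_clients(SAMPLE_EVENTS):
        print(f"{f['host']} pid={f['pid']} {f['image']} calls={f['calls']}: "
              + "; ".join(f["reasons"]))
```

The allowlist is the tuning knob: on a developer workstation, interpreters and IDE plug-ins legitimately call the model API, so the rule is better framed as "unexpected client" than "any client". Conversely, a model server reachable off-loopback means the malware need not carry the model at all, which is why the non-loopback reason is called out separately.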
Lua is a deliberate choice: its interpreter is small and embeddable, so the same generated script can run on Windows, Linux and macOS without platform-specific builds, which widens the pool of potential targets. For encryption, PromptLock uses the SPECK 128-bit block cipher. SPECK is a lightweight add-rotate-xor design with no lookup tables that fits in a few dozen lines of any language, which suits a model that has to emit working code on demand; it is rarely seen in mainstream software, so its presence is itself a useful fingerprint for analysts.
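To make concrete what "SPECK 128-bit" means in practice, here is an added from-scratch implementation of SPECK128/128 (64-bit words, 128-bit key, 32 rounds). It is not PromptLock's code and not ESET's; it follows the designers' specification, uses the little-endian byte order of the Simon/Speck implementation guide, and checks itself against the designers' published test vector. A CTR-mode wrapper is included to show how a block cipher is applied to data of arbitrary length, since a file encryptor needs exactly that.

```python
# Added example: SPECK128/128 as specified by its designers (not PromptLock's code).
# Byte order follows the Simon/Speck implementation guide: 64-bit little-endian words,
# block = (y, x) with y in the first 8 bytes, key = (k0, l0) with k0 in the first 8 bytes.
MASK = (1 << 64) - 1          # word size n = 64 bits
ALPHA, BETA = 8, 3            # rotation amounts for 64-bit-word Speck
ROUNDS = 32                   # Speck128/128: m = 2 key words, T = 32 rounds


def ror(x: int, r: int) -> int:
    return ((x >> r) | (x << (64 - r))) & MASK


def rol(x: int, r: int) -> int:
    return ((x << r) | (x >> (64 - r))) & MASK


def expand_key(key: bytes) -> list:
    """Speck key schedule for m = 2: l[i+1] = (k[i] + (l[i] >>> 8)) ^ i; k[i+1] = (k[i] <<< 3) ^ l[i+1]."""
    assert len(key) == 16
    k = [int.from_bytes(key[0:8], "little")]
    l = [int.from_bytes(key[8:16], "little")]
    for i in range(ROUNDS - 1):
        l.append(((k[i] + ror(l[i], ALPHA)) & MASK) ^ i)
        k.append(rol(k[i], BETA) ^ l[i + 1])
    return k


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """One block; round function: x = ((x >>> 8) + y) ^ k; y = (y <<< 3) ^ x."""
    assert len(block) == 16
    y = int.from_bytes(block[0:8], "little")
    x = int.from_bytes(block[8:16], "little")
    for rk in expand_key(key):
        x = ((ror(x, ALPHA) + y) & MASK) ^ rk
        y = rol(y, BETA) ^ x
    return y.to_bytes(8, "little") + x.to_bytes(8, "little")


def decrypt_block(key: bytes, block: bytes) -> bytes:
    """Inverse round function with the round keys applied in reverse order."""
    assert len(block) == 16
    y = int.from_bytes(block[0:8], "little")
    x = int.from_bytes(block[8:16], "little")
    for rk in reversed(expand_key(key)):
        y = ror(y ^ x, BETA)
        x = rol(((x ^ rk) - y) & MASK, ALPHA)
    return y.to_bytes(8, "little") + x.to_bytes(8, "little")


def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """CTR mode: the same call encrypts and decrypts data of any length.
    nonce is 8 bytes, the block counter fills the other 8. Never reuse a (key, nonce) pair."""
    assert len(nonce) == 8
    out = bytearray()
    for ctr in range((len(data) + 15) // 16):
        keystream = encrypt_block(key, nonce + ctr.to_bytes(8, "little"))
        chunk = data[ctr * 16:(ctr + 1) * 16]
        out.extend(a ^ b for a, b in zip(chunk, keystream))
    return bytes(out)


# Designers' published Speck128/128 test vector, in implementation-guide byte order.
TV_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
TV_PT = bytes.fromhex("206d616465206974206571756976616c")   # " made it equival"
TV_CT = bytes.fromhex("180d575cdffe60786532787951985da6")


def self_test() -> bool:
    """True when the cipher matches the published vector and CTR mode round-trips."""
    vector_ok = (encrypt_block(TV_KEY, TV_PT) == TV_CT
                 and decrypt_block(TV_KEY, TV_CT) == TV_PT)
    msg = b"constructed sample file contents, not a multiple of 16"   # constructed input
    nonce = b"\x00\x01\x02\x03\x04\x05\x06\x07"
    return vector_ok and ctr_crypt(TV_KEY, nonce, ctr_crypt(TV_KEY, nonce, msg)) == msg


if __name__ == "__main__":
    print("Speck128/128 self-test:", "PASS" if self_test() else "FAIL")
```

The whole cipher is two rotations, an addition and two XORs per round, with no constants beyond the round index, which is exactly why it is easy for a model to reproduce correctly and why a reverse engineer can recognise it quickly: look for the 8/3 rotation pair on 64-bit words (7/2 on smaller word sizes) in a tight 32-iteration loop.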
Indicators of Developmental Stage
ESET researchers point to several signs that PromptLock is still under development. A function intended for data destruction is defined but not implemented, and one of the prompts contains an odd artifact: a Bitcoin address that appears to belong to Satoshi Nakamoto, the pseudonymous creator of Bitcoin. This is most likely a placeholder or deliberate misdirection, but it gives the early-stage sample a peculiar signature.
Implications for Cybersecurity
Despite its PoC status, ESET chose to disclose its findings publicly to encourage proactive defense against this emerging threat vector. As local LLMs become more capable and easier to run, security teams should prepare for malware that is no longer static but generated on the victim machine at runtime. For defenders, that shifts the weight away from signatures on the payload, which will differ from one run to the next, and towards behavior: a process that drives a local model API and then executes whatever comes back.
The emergence of AI-driven ransomware like PromptLock underscores the evolving nature of cyber threats and the importance of staying ahead in the cybersecurity arms race.