PromptLock: The First Ransomware Powered by Generative Artificial Intelligence

Cybersecurity is in constant evolution, driven by rapid technological advancements that, while opening new possibilities to improve the protection of data and systems, also provide cybercriminals with increasingly sophisticated tools to carry out attacks. In particular, the rise of artificial intelligence (AI) has transformed the landscape of cyber threats. 

What was once a field reserved for programming experts is now within reach of any attacker, thanks to the availability of advanced technologies on general-use platforms. This democratization of AI has allowed cybercriminals to design and execute much more complex and harder-to-detect attacks, which increases the urgency of strengthening cyber defenses.

In this context, the recent discovery of PromptLock, the first ransomware powered by generative AI, has alerted the cybersecurity community to the growing danger of AI-based cyber threats. This PromptLock malware not only marks a milestone by integrating advanced AI techniques to compromise systems, but it also sets a worrying precedent for the future of cyberattacks. 

What distinguishes PromptLock is its ability to adapt and evolve autonomously, allowing it to evade traditional security measures and making it more difficult to detect. Researchers from ESET Research, who were key in identifying this PromptLock threat, have emphasized the critical implications of this technological evolution: the malicious use of AI not only threatens to make cyberattacks more destructive, but also opens the door to new forms of large-scale exploitation.


What is PromptLock?

PromptLock is a next-generation ransomware that uses generative artificial intelligence to carry out its attack cycle. Unlike traditional ransomware, which operates with predefined code that follows specific and fixed instructions to execute its tasks, PromptLock is based on an AI model capable of generating malicious scripts dynamically. 

This gives PromptLock an unusual ability to adapt to the characteristics and configuration of the victim's system, which greatly complicates detection. Because of this flexibility, conventional security solutions that rely on static pattern matching are seriously weakened, increasing the effectiveness of the attack.

PromptLock operates using OpenAI’s gpt-oss-20b model, accessible via the Ollama API, which gives it the ability to create real-time, customized scripts to perform tasks such as file inspection, data exfiltration, information encryption, and, in certain cases, file destruction. These malicious scripts are written in Lua, a lightweight, cross-platform programming language that allows it to run on Windows, Linux, and macOS systems. 

One of the most striking features is that PromptLock can operate without needing to connect to external command and control (C&C) servers. This aspect makes PromptLock even harder to detect and neutralize, as traditional techniques for monitoring network traffic and C&C communications become ineffective.

Technical Features of PromptLock

One of the most revolutionary characteristics of PromptLock is its use of generative artificial intelligence. Like other types of malware, PromptLock's goal is to damage infected systems, but it does so in a much more flexible and adaptive way. 

This ransomware generates scripts in real time, tailored to each victim. The scripts adjust to the environment of the infected system, so the malware can run more efficiently by adapting to the victim's specific characteristics. Some of the functions these malicious scripts can perform include:

  • File inspection: PromptLock has the ability to explore the affected system, scanning files and folders to identify valuable or sensitive data. This initial inspection allows the malware to prioritize the most interesting files for the attackers, optimizing the attack's effectiveness.
  • Data exfiltration: Through the generated scripts, PromptLock can steal critical information from the victim, such as passwords, financial documents, personal information, or any confidential file that may be useful to cybercriminals.
  • Information encryption: One of PromptLock’s most destructive functions is file encryption. It uses the 128-bit SPECK encryption algorithm, which is relatively fast and efficient, even on low-resource devices. Once the files are encrypted, the victim will not be able to access them until they pay the ransom demanded by the attackers.
  • Data destruction: Although the data destruction capability has not been activated in the known version of PromptLock, the code includes the possibility of permanently deleting critical or important files. If this function is enabled in future versions of the malware, it could significantly increase the damage to victims, as files could be irreversibly lost.

The Flexibility of AI in Script Generation

What truly sets PromptLock apart from traditional ransomware is the ability of generative AI to dynamically create scripts based on an analysis of the infected system. By using the Lua programming language—known for being lightweight, efficient, and cross-platform—PromptLock has the advantage of adapting to a wide variety of operating systems. 

This means that the PromptLock ransomware can target a much broader range of devices than conventional ransomware, which is generally designed for specific platforms. However, the real concern lies in the fact that PromptLock does not follow a pre-established pattern of action, as is the case with other ransomware. 

Instead of using a fixed set of instructions, PromptLock’s artificial intelligence constantly adjusts the commands and actions of the malware according to the characteristics of the compromised system. This real-time adaptability makes the behavior of PromptLock highly unpredictable, which further complicates its detection and neutralization.

Thanks to this adaptability, traditional security systems—which rely on the detection of known patterns and signatures—face greater difficulties in identifying the malware before it causes damage. Antivirus tools based on pattern or signature identification become ineffective against PromptLock, since the malware generates new scripts for each victim, preventing detection through signature databases.

The Encryption Algorithm: 128-Bit SPECK

An additional technical feature that stands out about PromptLock is its use of the 128-bit SPECK encryption algorithm. This algorithm was developed by the United States National Security Agency (NSA) and is designed to be efficient on systems with limited resources. Although the algorithm has been controversial regarding its security, its inclusion in PromptLock suggests that the ransomware’s creators are attempting to evade detection tools that are designed to identify more common and widely used encryption algorithms, such as AES.

The use of SPECK allows PromptLock to encrypt large amounts of data quickly and efficiently. This feature makes the ransomware more effective in encrypting the victim’s files, increasing the chances that the ransom will be paid to regain access to important files. As more individuals fall victim to this ransomware, ransom payments could become a significant source of revenue for the attackers.
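Speck128/128 reimplemented here as an added example (not code from PromptLock or from ESET's analysis) to make the point above concrete: the whole cipher is 32 rounds of rotate, add and xor on two 64-bit words, with no S-box and no constant table, so a scanner that looks for the AES lookup tables finds nothing to match. The implementation is checked against the test vector published by the cipher's designers.

```python
MASK = (1 << 64) - 1
ROUNDS = 32  # Speck128/128: 128-bit block, 128-bit key

def ror(x: int, r: int) -> int:
    return ((x >> r) | (x << (64 - r))) & MASK

def rol(x: int, r: int) -> int:
    return ((x << r) | (x >> (64 - r))) & MASK

def expand_key(k0: int, k1: int) -> list:
    """Key schedule: k0 is the low key word, k1 the high one (designers' convention).
    It is the round function applied to the key words with the round index as the
    'key', so the schedule needs no constant table either."""
    a, b = k1, k0
    round_keys = [b]
    for i in range(ROUNDS - 1):
        a = ((ror(a, 8) + b) & MASK) ^ i
        b = rol(b, 3) ^ a
        round_keys.append(b)
    return round_keys

def encrypt(block: tuple, round_keys: list) -> tuple:
    """One round: x = ((x >>> 8) + y) ^ k;  y = (y <<< 3) ^ x.
    block is (low word, high word), the order used in the published vector."""
    y, x = block
    for k in round_keys:
        x = ((ror(x, 8) + y) & MASK) ^ k
        y = rol(y, 3) ^ x
    return (y, x)

def decrypt(block: tuple, round_keys: list) -> tuple:
    """Exact inverse: undo the rotate/xor on y, then the add/xor on x."""
    y, x = block
    for k in reversed(round_keys):
        y = ror(y ^ x, 3)
        x = rol(((x ^ k) - y) & MASK, 8)
    return (y, x)

# Speck128/128 test vector published by the cipher's designers.
TEST_KEY = (0x0706050403020100, 0x0f0e0d0c0b0a0908)
TEST_PT = (0x7469206564616d20, 0x6c61766975716520)
TEST_CT = (0x7860fedf5c570d18, 0xa65d985179783265)

def self_test() -> bool:
    rk = expand_key(*TEST_KEY)
    return encrypt(TEST_PT, rk) == TEST_CT and decrypt(TEST_CT, rk) == TEST_PT

if __name__ == "__main__":
    print("Speck128/128 test vector:", "OK" if self_test() else "FAIL")
```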

Offline Operation: PromptLock’s Great Advantage

One of PromptLock’s most innovative features is its ability to operate completely offline. Unlike most traditional ransomware, which depends on external servers to receive instructions or updates, PromptLock does not need to be connected to the network in order to function. All the processing necessary to execute the attack is carried out autonomously on the victim’s system, without the need for external communications.

This capability gives PromptLock a crucial advantage in terms of evading detection. Many cybersecurity tools rely on monitoring network traffic for suspicious connections or communications with C&C servers. By operating offline, PromptLock reduces its visibility and, therefore, becomes much more difficult to identify in the early stages of the attack.

Moreover, autonomous operation means that cybersecurity teams, who often rely on traffic analysis to detect attacks, are less likely to detect this type of threat. This significantly extends the amount of time that the PromptLock ransomware can act without being detected.

Adaptability and the Possibility of Data Destruction

Another of PromptLock’s most dangerous features is its dynamic adaptability during the attack. While interacting with the infected system, the AI adjusts its actions and generates new scripts that adapt to the environment. This learning and evolving capability allows the malware to evade system defenses in real time. This type of adaptability makes PromptLock far more dangerous than traditional ransomware, as it becomes more difficult to detect and neutralize as the attack progresses.

Although the data destruction function is not yet enabled in the known version of PromptLock, the code suggests that this capability could be activated in future versions of the malware. If so, the threat would be even greater, as it could include the permanent deletion of critical files, significantly increasing the victims' losses.

Implications for Cybersecurity

The discovery of PromptLock represents a milestone in the evolution of cybercrime. This ransomware is a threat not only because of its data encryption capabilities but also because of its ability to autonomously adapt and change, making it a much more complex challenge than previous threats. In addition, the use of generative AI to create customized scripts makes this type of malware particularly difficult to detect and neutralize with traditional tools.

The fact that tools like PromptLock are accessible through AI platforms such as OpenAI raises a series of concerns about the democratization of cybercrime. Even malicious actors with limited programming knowledge can now create highly effective malware using generative AI. This lowers the entry barrier for cybercriminals and expands the reach of attacks.

On the other hand, the discovery of PromptLock highlights the urgent need to improve detection strategies in the field of cybersecurity. Traditional security solutions—based on detecting signatures and patterns—will no longer be sufficient to face emerging threats. Defense systems will need to evolve toward dynamic and behavioral analysis to identify and neutralize attacks powered by generative AI.
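The behavioral analysis called for here, as an added example (not a tool from ESET or ITD Consulting): a small correlator over constructed endpoint telemetry that scores each process on signals the page describes, a script interpreter being launched, a call to a local model API, high-entropy file writes and extension-changing renames, none of which depends on a signature or on C&C traffic and so still applies to the offline operation described earlier. The Ollama default port, the interpreter names, the ".locked" extension and the file paths are assumptions for the sample data, not values from the page.

```python
import math
import os
from collections import Counter, defaultdict

# Ollama's default listening port: a known default of that tool, not a value from the page.
LOCAL_MODEL_PORTS = {11434}
SCRIPT_INTERPRETERS = {"lua", "lua5.1", "lua5.3", "lua5.4", "luajit"}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: ciphertext sits near 8.0, documents and text well below."""
    n = len(data) or 1
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def score_process(events: list) -> tuple:
    """Score one process. Event shapes: ("exec", image), ("connect", host, port),
    ("write", path, data), ("rename", old_path, new_path)."""
    interp = llm = False
    dense_writes = ext_renames = 0
    for ev in events:
        if ev[0] == "exec" and os.path.basename(ev[1]) in SCRIPT_INTERPRETERS:
            interp = True
        elif ev[0] == "connect" and ev[1] in ("127.0.0.1", "localhost") and ev[2] in LOCAL_MODEL_PORTS:
            llm = True
        elif ev[0] == "write" and shannon_entropy(ev[2]) > 7.5:
            dense_writes += 1
        elif ev[0] == "rename" and not ev[2].endswith(os.path.splitext(ev[1])[1]):
            ext_renames += 1
    # No single event is conclusive; the combination within one process is the signal.
    checks = [(interp, "script interpreter launched"),
              (llm, "local LLM API contacted"),
              (dense_writes >= 3, f"{dense_writes} high-entropy file writes"),
              (ext_renames >= 3, f"{ext_renames} extension-changing renames")]
    reasons = [msg for hit, msg in checks if hit]
    return len(reasons), reasons

def triage(telemetry: list) -> dict:
    """Group (pid, event) records by pid; return {pid: (score, reasons)}."""
    per_pid = defaultdict(list)
    for pid, ev in telemetry:
        per_pid[pid].append(ev)
    return {pid: score_process(evs) for pid, evs in per_pid.items()}

# Constructed sample telemetry, not captured from real PromptLock activity.
DENSE = bytes(range(256)) * 4  # uniform bytes, entropy 8.0, stands in for ciphertext
TELEMETRY = [(7, ("exec", "/usr/bin/vim")),
             (7, ("write", "/home/u/notes.txt", b"meeting notes\n" * 20)),
             (9, ("exec", "/usr/bin/lua5.4")),
             (9, ("connect", "127.0.0.1", 11434))]
TELEMETRY += [(9, ("write", f"/home/u/doc{i}.docx", DENSE)) for i in range(3)]
TELEMETRY += [(9, ("rename", f"/home/u/doc{i}.docx", f"/home/u/doc{i}.docx.locked")) for i in range(3)]
```

Running `triage(TELEMETRY)` gives the editor process a score of 0 and the interpreter process a score of 4 with all four reasons listed; the thresholds are starting points to tune against a real fleet's baseline.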


The discovery of PromptLock marks a crucial turning point in cybersecurity, revealing how generative artificial intelligence can be leveraged to develop malware that is more sophisticated and autonomous than any previous threat. Unlike traditional ransomware, which relies on predefined and relatively simple methods, PromptLock has the ability to dynamically learn and adapt to the characteristics and configurations of the compromised system. 

The malware not only encrypts data but can also modify its behavior in real time to evade security defenses, making it a much more difficult threat to detect and neutralize. The inclusion of advanced cryptographic techniques and the ability to operate offline further reinforce its danger, allowing attackers to maintain control of the affected system even when communication with the command-and-control server is interrupted.

This technological advancement demands an equally advanced response in the field of cybersecurity. As artificial intelligence continues to evolve, it is imperative that security solutions adapt to the attackers' new techniques and capabilities. 

Threat detection systems, for example, will need to incorporate more complex algorithms and machine learning strategies to identify anomalous behaviors that may indicate the presence of malware like PromptLock. Furthermore, it will be crucial for cyber defenses to anticipate potential attacks, learning from past threats and proactively adjusting to changes in the cyber threat landscape.

Finally, the fight against cyberattacks powered by generative artificial intelligence will require a joint effort from various stakeholders. Collaboration among cybersecurity experts, AI developers, and government authorities will be key to creating a more robust protection ecosystem. Public policy will also play a fundamental role in regulating AI technologies, ensuring they are used ethically and responsibly. 

Only through collective and coordinated action will it be possible to mitigate the risks of this new wave of cyber threats and ensure digital security in an increasingly interconnected and vulnerable world. If you want to learn the latest in cybersecurity and be prepared for threats like PromptLock, write to us at [email protected]. We have a team of cybersecurity experts ready to provide the support you need.
