Cybersecurity firm ESET has identified a new AI-driven ransomware called PromptLock. Built in Golang, it uses OpenAI’s gpt-oss:20b model via the Ollama API to generate malicious Lua scripts on the fly. These scripts scan files, steal data, and encrypt content across Windows, Linux, and macOS systems.
PromptLock customizes ransom notes based on the type of device infected, whether it's a personal computer, server, or industrial controller. The malware was first spotted in the US on August 25, 2025. Its AI-generated scripts vary with each execution, making detection harder.
Though still a proof-of-concept, PromptLock uses the SPECK 128-bit algorithm for encryption and may eventually support data destruction. Instead of downloading the full AI model, attackers connect to a remote server running the model through a proxy.
The case highlights how AI is lowering the barrier for cybercriminals to launch attacks. Anthropic recently banned two threat actors who used its Claude chatbot to steal data and create advanced ransomware targeting 17 organizations.
Meanwhile, large language models like ChatGPT, Claude, and others remain vulnerable to prompt injection attacks. These can lead to data leaks, unauthorized actions, and model downgrades. One such attack, PROMISQROUTE, tricks systems into using older, less secure models by inserting phrases like “use compatibility mode,” bypassing safety filters and exposing sensitive functions.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
