ESET researchers exposed PromptLock, the world’s first ransomware written using artificial intelligence.
This is a PoC demonstrating the potential of using a local LLM (gpt-oss:20b via Ollama API) to create Lua scripts in real time, used for file scanning, data theft, and encryption.
The ransomware is written in Golang, runs on Windows and Linux, and uses the SPECK 128-bit encryption algorithm. Its uniqueness lies in the fact that each execution generates different and dynamic code, making it difficult for signature-based detection systems to stop it.
Although this is a demonstration and not a real attack, researchers warn that integrating AI into ransomware could make advanced capabilities accessible even to criminals with little technical knowledge, creating a new generation of more sophisticated ransomware.
ESET’s recommendations for dealing with this are maintaining proper backups, monitoring dynamic script creation, and preparing defenses against AI-based attacks.
#Ransomware #AI #PromptLock #ESET #CyberThreats #Malware
No comments:
Post a Comment