First AI-powered ransomware PoC spotted
Briefly

PromptLock is an AI-powered ransomware proof-of-concept that uses OpenAI's gpt-oss-20b model, running locally via the Ollama API, to generate malicious Lua scripts on infected devices. The generated Lua scripts enumerate local filesystems, inspect target files, exfiltrate selected data, and perform encryption across Windows, Linux, and macOS systems. The malware is written in Go and uses SPECK 128-bit encryption. It decides which actions to take based on file type and contents; its destructive functionality appears unimplemented. Windows and Linux samples were uploaded to VirusTotal. Its emergence shows that locally run AI models can simplify and automate stages of a cyberattack.
The PromptLock malware uses OpenAI's gpt-oss-20b model, one of the two free open-weight models the company released earlier this month. It runs locally on an infected device through the Ollama API and generates malicious Lua scripts on the fly, likely to make detection more difficult. "PromptLock leverages Lua scripts generated from hard-coded prompts to enumerate the local filesystem, inspect target files, exfiltrate selected data, and perform encryption," the researchers explained, adding that the Lua scripts work on Windows, Linux, and macOS machines.
"Although multiple indicators suggest the sample is a proof-of-concept (PoC) or work-in-progress rather than fully operational malware deployed in the wild, we believe it is our responsibility to inform the cybersecurity community about such developments," Cherepanov and Strycek wrote. However, despite the lack of in-the-wild PromptLock infections, the discovery does show that AI has made cybercriminals' attack chains that much easier, and should serve as a warning to defenders.
Read at The Register