Alert on Promptlock, the first AI-powered ransomware that is nearly undetectable

Ransomware is a type of computer virus in the form of malware that cybercriminals use to block access or encrypt files on a device and demand money in exchange for restoring access . Until now, this malware was typically created by teams of specialized programmers, but cybersecurity company ESET has discovered the first one powered by generative AI . Its name is Promptlock , and here's how it works.

This is how Promptlock attacks, the first AI-powered ransomware

As ESET explains, this ransomware doesn't work like a traditional virus . Instead of having pre-prepared code, it uses an artificial intelligence language available for free on the internet. This AI allows it to instantly create malicious instructions (scripts) that adapt to the infected system (Windows, Linux, or macOS).

When PromptLock is inside a computer, it scans files and, depending on the commands given to it, copies them to steal them or encrypts them to block access . It also has an option that could destroy them, although it claims to be disabled. The ransomware uses a 128-bit encryption system and is written in a programming language called Golang .

Researchers explain that this virus is very dangerous, as it only requires configuring an AI model for the malware to create and adapt itself . This also makes detection and defense against potential attacks much more difficult. Early versions have already been detected on analysis platforms such as VirusTotal.

ESET considers it a proof of concept, but insists the risk is real , so the company has decided to share the technical details to raise awareness and alert the cybersecurity community. To be exact, the malware has been classified as Filecoder.PromptLock and is another example of how AI can be used for malicious purposes if it falls into the wrong hands.