Like a cut episode of Black Mirror, a strain of ransomware has been spotted that prompts an AI model to cause havoc on machines. Naturally, it's called PromptLock, and it reportedly uses OpenAI's gpt-oss-20b, an open-weight model that can run locally, which means it doesn't need a constant connection to the internet to operate.
According to Eset Research (via Tom's Hardware), this new ransomware uses "the Ollama API to generate malicious Lua scripts on the fly, which it then executes."
AI-powered is the operative term here. PromptLock isn't just ransomware that is created by a hacker generating code and then executing that code on a PC; it is instead said to be a series of prompts from which scripts are generated on your device. According to Eset, these prompts suggest "the malware may exfiltrate data, encrypt it, or potentially destroy it. Although the destruction functionality appears to be not yet implemented." Phew.
Still, the fact this ransomware runs locally also means that it can avoid detection more easily, as it doesn't use any online resources. If your device connected to an unrecognised online source to get prompts, it would be much easier to spot long-term. Eset Research's original post states that the Bitcoin address present in the discovered prompts "appears to belong to Bitcoin creator [Satoshi Nakamoto]."
Eset's post also says that "multiple indicators suggest" the spotted ransomware is a proof of concept. This means it likely wasn't intended for full use, and this may explain why the ability to destroy files was not implemented. Windows and Linux versions of the tool were spotted and flagged. The fact that it is only a concept tool is perhaps rather worrying, as it could imply that more sophisticated AI-powered ransomware is under development, or that such ransomware already exists and has not yet been caught.
Naturally, a good way to avoid this (or any) ransomware is to only download and execute trusted files. On top of that, not running an AI locally would render this specific ransomware obsolete. I don't think I needed much convincing not to set up local AI models anyway.
Hey, if AI can power ransomware, and if we can power ransomware protection with AI too, maybe we can just put them both into one black box and let them fight it out for control of your PC. I feel like I've read a science fiction novel about this. Or perhaps I should write one, anyway. Just don't let ChatGPT do it for you.