First known ransomware that uses Artificial Intelligence to operate.

The game has changed. #ESETResearch has uncovered #PromptLock, the first known #ransomware that uses #artificial #intelligence to operate.

This isn't a pre-programmed #attack. Written in #Golang, this novel #malware leverages a local, #open-source #AI model (gpt-oss:20b) and the Ollama API to write its own #malicious Lua scripts on the fly.

They have identified both #Windows and #Linux variants of this #ransomware uploaded to VirusTotal.

This means the #attack #code can change with every #execution, making it incredibly difficult for traditional #security solutions to keep up.

ESET have named this threat Filecoder.PromptLock.A.
IoCs (Indicators of Compromise):
📄 24BF7B7B72F54AA5B93C6681B4F69E579A47D7C102
AD223FE2BB4563446AEE5227357BBFDC8ADA3797
BB8FB75285BCD151132A3287F2786D4D91DA58B8
F3F4C40C344695388E10CBF29DDB18EF3B61F7EF
639DBC9B365096D6347142FCAE64725BD9F73270
161CDCDB46FB8A348AEC609A86FF5823752065D2

This is a wake-up call for the cybersecurity industry.

We need to prepare for a new era of polymorphic, AI-driven threats.

#Ransomware #AI #Cybersecurity #PromptLock #ESETResearch #Threats #Infosec #Golang

0 comments:

Post a Comment

Twitter Facebook Favorites More