A team of engineers at New York University set out to develop a research paper on the intersection of AI and ransomware. But within a week, they had created a proof-of-concept for a full-fledged AI-driven ransomware attack—and it left the cybersecurity world in stitches.
When AI becomes a ransomware PromptLock not only encrypts data, but also writes personalized ransom notes. (Source: MSN)
Ransomware Attack Powered Entirely by AI
The AI system developed by the NYU team can perform all four stages of a ransomware attack:
- Create malware in Lua language, customized according to victim machine configuration
- Scan IT systems to identify high-value files
- Data encryption
- Write personalized ransom letters based on user information
Unlike traditional ransomware, this AI targets only specific files, making it harder to detect. Each time it runs, the malware is generated differently (polymorphic), helping it avoid being recognized by security software.
"It specifically targets a few files, so it's much harder to detect. Furthermore, the attack is highly personalized. It's polymorphic, so every time you run it on different systems, or even multiple times on the same system, the code generated will never be the same," explains PhD student Md Raz of the research team.
While this was just a controlled experiment, it shows how AI can be used to launch more sophisticated cyberattacks. Experts warn that in the wrong hands, the technology could cause serious damage to organizations and individuals.
PromptLock: Ransomware 3.0 in the AI era
To better understand the nature and operating mechanism of this system, we need to explore PromptLock – the world's first ransomware completely controlled by artificial intelligence.
PromptLock uses OpenAI's large gpt-oss:20b language model, deployed via the Ollama API. Instead of downloading the entire gigabyte-sized model, the system simply connects to a server running the model to generate Lua malware in real time.
ESET – a Slovakian cybersecurity company – confirmed that PromptLock is a PoC but warned that if it were actually deployed, it could have serious consequences. The indicators of attack (IoCs) constantly change between executions, making detection and containment more difficult.
Even other AI systems like Claude, ChatGPT, GitHub Copilot are being exploited through “prompt injection” techniques – where bad actors trick AI into performing unauthorized actions such as deleting files, stealing data or making financial transactions.
Thanks to AI: Just one natural language command is enough to start the entire ransomware attack cycle. (Source: Thehackernews)
“Even though it was just a prototype, the system was sophisticated enough to convince cybersecurity experts that it was real malware,” said Md Raz, lead author of the PromptLock study. This shows that AI has reached a level where it can automate attacks without human intervention.
Source: https://vtcnews.vn/ma-doc-tong-tien-dau-tien-do-ai-dieu-khien-promptlock-thach-thuc-an-ninh-mang-ar965501.html
![[Photo] General Secretary To Lam chairs a working session with the Standing Committee of the Government Party Committee](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/17/cf3d855fdc974fa9a45e80d380b0eb7c)
![[Photo] Science and Technology Trade Union honors exemplary workers and excellent union officials](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/17/842ff35bce69449290ec23b75727934e)
Comment (0)