PromptLock AI-Powered Ransomware

Sep 5, 2025 2:36:00 PM / by The Hivemind

PROMPTLOCK

Verticals Targeted: None yet
Regions Targeted: None yet
Related Families: None

Executive Summary

PromptLock is the first known AI-powered ransomware: a proof-of-concept malware written in Golang that uses the gpt-oss-20b model to generate malicious Lua scripts for data exfiltration and encryption. While it has not yet been observed in active attacks, PromptLock signals the potential for AI to amplify ransomware threats across Windows and Linux systems.

Key Takeaways

  • PromptLock utilizes OpenAI’s gpt-oss-20b model via the Ollama API to dynamically generate malicious Lua scripts.  
  • PromptLock is written in Golang, with variants targeting both Windows and Linux platforms.  
  • PromptLock is capable of enumerating filesystems, exfiltrating data, and encrypting files, though data destruction remains unimplemented.  
  • PromptLock demonstrates how accessible AI tools can lower the barrier for less skilled attackers to deploy sophisticated ransomware.  

What is PromptLock?

PromptLock is a proof-of-concept (PoC) malware dubbed the first AI-powered ransomware. Detailed in a recent ESET analysis, PromptLock shows how publicly available AI tools can be weaponized to extend the capabilities of malicious software, a significant concern for cybersecurity professionals and organizational leaders. While it has not yet been observed in active attacks, its design suggests a potential evolution in ransomware tactics, using artificial intelligence to automate and scale malicious operations.

PromptLock is written in the cross-platform Golang programming language and targets both Windows and Linux systems. Its core functionality revolves around OpenAI’s gpt-oss-20b model, accessed locally through the Ollama API, which it uses to generate malicious Lua scripts on the fly. The scripts are produced in real time from hardcoded prompts embedded in the malware, and they carry out the malicious activity: enumerating the local filesystem, inspecting target files, exfiltrating selected data to a command-and-control (C2) server, and encrypting files to hold them for ransom. ESET researchers note that although the malware contains the groundwork for data destruction, that capability has not been fully implemented in the analyzed samples, suggesting PromptLock is still a work in progress.
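The behaviour chain described above (an unexpected process querying the local Ollama API, then producing a Lua script and reaching out to a remote host) is something defenders can hunt for in endpoint telemetry. The following is an added example, not code from PolySwarm, ESET or the malware itself; it assumes a hypothetical key=value telemetry format, Ollama's default listener address, and a per-host allowlist of processes that are expected to talk to a local model server.

```python
import re
from collections import defaultdict

# Ollama's well-known default HTTP listener; assumed unchanged on this host.
OLLAMA_ENDPOINT = "127.0.0.1:11434"
# Hypothetical allowlist of processes expected to call the local model server.
EXPECTED_LLM_CLIENTS = {"ollama", "open-webui"}

# Constructed sample telemetry (not real logs) in an assumed key=value format.
TELEMETRY = """\
ts=1 pid=4100 proc=open-webui event=net dst=127.0.0.1:11434 path=/api/generate
ts=2 pid=5120 proc=updater event=net dst=127.0.0.1:11434 path=/api/generate
ts=3 pid=5120 proc=updater event=file_write path=/tmp/enum_fs.lua
ts=4 pid=5120 proc=updater event=net dst=203.0.113.10:443 path=/upload
ts=5 pid=6000 proc=bash event=file_write path=/home/u/test.lua
"""

FIELD_RE = re.compile(r"(\w+)=(\S+)")


def parse(line):
    """Turn one telemetry line into a dict of its key=value fields."""
    return dict(FIELD_RE.findall(line))


def find_suspicious(telemetry):
    """Return {pid: (process, [indicators])} for processes that hit the local
    Ollama API while not on the allowlist AND afterwards wrote a .lua file
    (script generation) or contacted a non-loopback host (possible exfil)."""
    llm_callers = {}
    hits = defaultdict(list)
    for line in telemetry.splitlines():
        ev = parse(line)
        pid = ev["pid"]
        if (ev["event"] == "net" and ev["dst"] == OLLAMA_ENDPOINT
                and ev["proc"] not in EXPECTED_LLM_CLIENTS):
            llm_callers[pid] = ev["proc"]
            hits[pid].append("local-llm-api")
        elif pid in llm_callers:
            if ev["event"] == "file_write" and ev["path"].endswith(".lua"):
                hits[pid].append("lua-written")
            elif ev["event"] == "net" and not ev["dst"].startswith("127."):
                hits[pid].append("external-net")
    # Require the LLM call plus at least one follow-on indicator to reduce noise.
    return {pid: (llm_callers[pid], h) for pid, h in hits.items() if len(h) > 1}


if __name__ == "__main__":
    for pid, (proc, indicators) in find_suspicious(TELEMETRY).items():
        print(f"ALERT pid={pid} proc={proc} indicators={indicators}")
```

In the sample, the allowlisted open-webui call and the lone Lua file written by bash are ignored; only the "updater" process that chains all three behaviours is flagged.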

Golang, increasingly popular among malware authors for its cross-platform compatibility and ease of development, lets PromptLock operate across diverse environments. AI-driven script generation is a significant departure from traditional ransomware, which typically relies on static or pre-programmed payloads. By generating its scripts at runtime, PromptLock could adapt to its environment, tailoring its actions to the specific system it infects. That adaptability could let attackers automate reconnaissance, data theft, and encryption at greater speed and scale, amplifying the impact of ransomware campaigns.

ESET’s findings highlight broader implications for the cybersecurity landscape. The accessibility of AI tools, such as those used by PromptLock, lowers the technical barrier for less sophisticated threat actors, enabling them to deploy advanced malware with minimal expertise. This democratization of malicious capabilities aligns with trends observed in phishing and deepfake attacks, where AI has already been used to craft convincing lures. As ransomware continues to be a preferred tool for both cybercriminals and advanced persistent threat (APT) groups, the integration of AI could drive a surge in attack volume and severity, challenging organizations’ defensive measures.  

While PromptLock remains a PoC, its discovery underscores the need for proactive defenses against AI-enhanced threats. Organizations must prioritize advanced detection mechanisms and stay informed about emerging threats to mitigate the risks posed by such malware. PolySwarm analysts consider PromptLock an example of the kind of AI-powered malware we can expect to see on the threat landscape in the near future.

IOCs

PolySwarm has multiple samples of PromptLock and is actively monitoring for additional samples.


1458b6dc98a878f237bfb3c3f354ea6e12d76e340cefe55d6a1c9c7eb64c9aee

2755e1ec1e4c3c0cd94ebe43bd66391f05282b6020b2177ee3b939fdd33216f6


You can use the following CLI command to search for all PromptLock samples in our portal:

$ polyswarm link list -f PromptLock
