📣 NEW VIDEO ALERT!
I've resurrected my YouTube channel to dive into Prompt Lock ransomware. Discovered by ESET and branded as the "first known AI-powered ransomware", it caused a lot of buzz in the media earlier this year.
Even though this was exposed just as a Proof-of-Concept, I was curious how it would perform in the lab environment. I didn't see anyone actually testing this malware before, so I've done just that. Does it live up to the hype? Is AI-driven ransomware the future of threats?
Spoiler alert: It failed miserably. 🤯
In this video, we go deep into the reverse engineering:
Setting up the lab: Using LMStudio and Burp Suite to successfully proxy the malware's Ollama API calls to a local LLM server.
Watching it run: We analyze the verbose Lua script generation chain in real-time.
The Flop: We uncover the hilarious and critical failure points, including massive LLM hallucinations where it invented sensitive files (Resumes, Bank Statements, Medical Records) that didn't exist, and completely botched the final ransom note!
This highlights the critical limitations of integrating LLMs into live exploit chains.
Watch the full breakdown and the spectacular failure here: https://www.youtube.com/watch?v=-qex_aqN3LA
#Cybersecurity #Ransomware #AI #LLM #MalwareAnalysis #ReverseEngineering #PromptLock #ThreatIntelligence #MalfindLabs
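The lab setup above routes the sample's Ollama API calls to a local LLM server. As an added example (not code from the video or from the PromptLock sample), here is a minimal Ollama-compatible stub that records every prompt the sample sends and answers with a harmless canned reply, so an analyst can observe the script-generation chain without a real model behind it. It assumes the public Ollama `/api/generate` JSON shape (`model`, `prompt`, `stream` in; `model`, `response`, `done` out) and the default Ollama port 11434; the log structure and canned reply are my own choices.

```python
# Added example: Ollama-compatible stub for a malware-analysis lab (not from
# the original post). Records prompts, returns a harmless canned response.
import json
from http.server import BaseHTTPRequestHandler, HTTPServer

PROMPT_LOG = []  # (model, prompt) pairs seen so far, in arrival order


def handle_generate(body: bytes) -> dict:
    """Parse an Ollama /api/generate request body, log it, build a reply.

    Returns the reply as a dict in the /api/generate response shape; the
    HTTP handler serialises it. A malformed body is logged and answered
    with an error so the analyst still sees what the sample sent.
    """
    try:
        req = json.loads(body)
    except ValueError:
        PROMPT_LOG.append(("<unparseable>", body.decode("utf-8", "replace")))
        return {"error": "invalid json", "done": True}
    model = req.get("model", "unknown")
    prompt = req.get("prompt", "")
    PROMPT_LOG.append((model, prompt))
    # Canned reply: a harmless Lua comment keeps the sample's chain moving
    # while revealing, via PROMPT_LOG, exactly what it asked the model for.
    return {"model": model, "response": "-- stub reply", "done": True}


class OllamaStub(BaseHTTPRequestHandler):
    def do_POST(self):
        length = int(self.headers.get("Content-Length", 0))
        body = self.rfile.read(length)
        if self.path != "/api/generate":
            self.send_response(404)
            self.end_headers()
            return
        out = json.dumps(handle_generate(body)).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.end_headers()
        self.wfile.write(out)


if __name__ == "__main__":
    # Default Ollama port; point the sample (or a Burp upstream) here.
    HTTPServer(("127.0.0.1", 11434), OllamaStub).serve_forever()
```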
As a follow-up, The Register did the actual journalism on this and yes - the #PromptLock generative AI ransomware story which went worldwide was bullshit. https://www.theregister.com/2025/09/05/real_story_ai_ransomware_promptlock/
The CVE-2025-7775 generative AI exploit story, also worldwide right now, is also bullshit. I don't have the energy to explain why (hint: several of the Netscaler versions shown in the Check Point write-up aren't even vulnerable).
For now it's a proof of concept, but we'll see what the future brings.
Sources:
https://zurl.co/gsZXI
https://zurl.co/M7ayX
#cyberbezpieczeństwo #eset #ransomware #promptlock
UPDATE: #ESETresearch was contacted by the authors of an academic study, whose research prototype closely resembles the discovered #PromptLock samples found on VirusTotal:
Ransomware 3.0: Self-Composing and LLM-Orchestrated (arXiv) https://arxiv.org/abs/2508.20444
This supports our belief that it was a proof of concept rather than fully operational malware deployed in the wild. Nonetheless, our findings remain valid - the discovered samples represent the first known case of AI-powered ransomware.
Subscribe to the newsletter: https://www.ccinfo.nl/menu-nieuws-trends/nieuwsbrief
#WarlockRansomware #GoogleClassroomPhishing #PromptLock #CephalusRansomware #HelpdeskFraude
Newsletter 381 highlights current cybersecurity in NL & BE: the AI trojan Hook, PromptLock ransomware, data breaches, critical CVEs and phishing trends.
This changes everything.
The first AI-generated ransomware has arrived — and it’s not a theory anymore.
PromptLock is a proof-of-concept malware that writes its own attack code using AI, adapts to any system, and encrypts files across platforms… all without human hackers.
The age of AI-assisted cybercrime is no longer coming. It’s here.
#CyberSecurity #AIThreats #Ransomware #PromptLock #AITools #Hacking #EthicalAI