Mastodawn

📣 NEW VIDEO ALERT!

I've resurrected my YouTube channel to dive into Prompt Lock ransomware. Discovered by ESET and branded as "first known AI-powered ransomware.", it caused a lot of buzz in the media earlier this year.

Even though this was exposed just as a Proof-of-Concept, I was curious how it would perform in the lab environment. I didn't see anyone actually testing this malware before so, I've done just that. Does it live up to the hype? Is AI-driven ransomware the future of threat?

Spoiler alert: It failed miserably. 🤯

In this video, we go deep into the reverse engineering:

Setting up the lab: Using LMStudio and Burp Suite to successfully proxy the malware's Ollama API calls to a local LLM server.

Watching it run: We analyze the verbose Lua script generation chain in real-time.

The Flop: We uncover the hilarious and critical failure points, including massive LLM hallucinations where it invented sensitive files (Resumes, Bank Statements, Medical Records) that didn't exist, and completely botched the final ransom note!

This highlights the critical limitations of integrating LLMs into live exploit chains.

Watch the full breakdown and the spectacular failure here: https://www.youtube.com/watch?v=-qex_aqN3LA

#Cybersecurity #Ransomware #AI #LLM #MalwareAnalysis #ReverseEngineering #PromptLock #ThreatIntelligence #MalfindLabs

Show thread

Kevin Beaumont Sep 7, 2025

As a follow up, The Register did the actual journalism on this and yes - the #PromptLock generative AI ransomware story which went worldwide was bullshit. https://www.theregister.com/2025/09/05/real_story_ai_ransomware_promptlock/

The CVE-2025-7775 generative AI exploit story also worldwide right now is also bullshit, I don't have the energy to explain why (hint: several of the Netscaler versions shown in the CheckPoint write up aren't even vulnerable).

The crazy, true story behind the first AI-powered ransomware

interview: tldr; boffins did it

The Register

Mateusz Chrobok Sep 4, 2025

Na razie to proof of concept, ale zobaczymy co przyniesie przyszłość.

Źródła:
https://zurl.co/gsZXI
https://zurl.co/M7ayX

#cyberbezpieczeństwo #eset #ransomware #promptlock

Show thread

Pascal Leinert Sep 4, 2025

Im Grunde hat man es hier bei #PromptLock, wenn auch noch eingeschränkt, mit einer Art Proto-Skynet oder Proto-Borg zu tun und das ist selbst für mich als Befürworter von KI verdammt beängstigend, besonders wenn man bedenkt, wie schnell sich AI entwickelt. Gegen eine AGI wäre die Menschheit chancenlos.

Pascal Leinert Sep 4, 2025

Wenn es bereits ein Proof of Concept eines KI-Virus gibt, dann ist die Büchse der Pandora bezüglich eines selbstlernenden Computerprogramms, dass sich unkontrolliert ausbreiten kann, bereits geöffnet und unaufhaltbar.

#PromptLock

https://www.youtube.com/watch?v=cvTi94_Zdlw

PromptLock The first AI Virus

YouTube

jpmellojr Sep 3, 2025

The first AI-borne ransomware, PromptLock, has arrived. It uses an open-source LLM to create adaptive malware, marking a new era in cyber threats. https://jpmellojr.blogspot.com/2025/09/the-future-is-here-ai-borne-ransomware_3.html #AIBorneRansomware #PromptLock #ESET #Malware #AI

Show thread

ESET Research Sep 3, 2025

UPDATE: #ESETresearch was contacted by the authors of an academic study, whose research prototype closely resembles the discovered #PromptLock samples found on VirusTotal:

Ransomware 3.0: Self-Composing and LLM-Orchestrated (arXiv) https://arxiv.org/abs/2508.20444

This supports our belief that it was an proof of concept rather than fully operational malware deployed in the wild. Nonetheless, our findings remain valid - the discovered samples represent the first known case of AI-powered ransomware.

ccinfo.nl Sep 1, 2025

https://www.ccinfo.nl/menu-nieuws-trends/nieuwsbrief-archief/nieuwsbrief-berichten/2682455_nb381-ai-trojan-hook-promptlock-ransomware-en-datalekken-in-nl-en-be 

Inschrijven nieuwsbrief: https://www.ccinfo.nl/menu-nieuws-trends/nieuwsbrief

#WarlockRansomware #GoogleClassroomPhishing #PromptLock #CephalusRansomware #HelpdeskFraude

NB381: AI-trojan Hook, PromptLock-ransomware en datalekken in NL en BE / Nieuwsbrief berichten / Nieuwsbrief archief / Menu Nieuws & Trends | Cybercrimeinfo.nl

Nieuwsbrief 381 belicht actuele cybersecurity in NL & BE: AI-trojan Hook, PromptLock-ransomware, datalekken, kritieke CVE’s en phishingtrends.

nickbalancom Sep 1, 2025

This changes everything.
The first AI-generated ransomware has arrived — and it’s not a theory anymore.
PromptLock is a proof-of-concept malware that writes its own attack code using AI, adapts to any system, and encrypts files across platforms… all without human hackers.
The age of AI-assisted cybercrime is no longer coming. It’s here.

🔗https://www.itpro.com/security/ransomware/security-researchers-have-just-identified-what-could-be-the-first-ai-powered-ransomware-strain-and-it-uses-openais-gpt-oss-20b-model

#CyberSecurity #AIThreats #Ransomware #PromptLock #AITools #Hacking #EthicalAI

sekurak News Aug 31, 2025

PromptLock – pierwszy znany na świecie Ransomware stworzony przez AI. Czy jest się czego bać?

Anton Cherepanov, badacz bezpieczeństwa z firmy ESET podczas rutynowej analizy próbek wrzucanych na portal VirusTotal, odkrył nowy wariant malware. Jego uwagę zwrócił plik (kod napisany w Golang), zawierający odwołanie do modelu gpt-oss-20b oraz instrukcje sterujące (prompty), umożliwiające generowanie potencjalnie złośliwych skryptów bezpośrednio w systemie ofiary. Nowo wykryty malware został rozpoznany...

#WBiegu #Ai #Awareness #Golang #Llm #Lua #Promptlock #Ransomware

https://sekurak.pl/promptlock-pierwszy-znany-na-swiecie-ransomware-stworzony-przez-ai-czy-jest-sie-czego-bac/

PromptLock - pierwszy znany na świecie Ransomware stworzony przez AI. Czy jest się czego bać?

Sekurak