2025-08-26T18:29:02Z

---

What if I told you that the same technology designed to enhance our lives could also be twisted into a nightmare? That's the alarming reality as cybersecurity experts reveal the emergence of the world’s first AI-driven ransomware, aptly named PromptLock!

On Tuesday, the esteemed antivirus company ESET dropped a bombshell, announcing they had identified the first known instance of ransomware powered by artificial intelligence. This malicious software exploits OpenAI’s recently released open-source model, gpt-oss:20b, which is available for anyone to use and modify. Think about it: a tool meant to innovate and inspire is now being weaponized by cybercriminals.

PromptLock operates by running the gpt-oss:20b model locally on infected devices, creating a sinister code from hardcoded text prompts. ESET didn't just talk the talk; they backed up their claims with visuals, showcasing the alarming code that combines the gpt-oss:20b model with malicious intent. This isn't just a line of code; it's a digital thief, poised to steal your sensitive information.

Once unleashed, this ransomware employs Lua programming scripts to scour the compromised computer for valuable files, either exfiltrating, encrypting, or even obliterating them. And it’s not picky about the operating system—these Lua scripts are designed to work across Windows, Linux, and macOS. Imagine the chaos as personal data and critical files vanish within moments!

Interestingly, ESET's findings suggest that PromptLock might still be a work-in-progress rather than a fully operational threat. There’s an indication that it serves as a proof-of-concept, with certain features, like file destruction, not yet activated. However, this doesn’t diminish the looming threat that such ransomware could pose in the wrong hands. A security researcher even claimed that the malware belongs to them, raising questions about accountability.

At a hefty 13GB, the gpt-oss:20b model might seem cumbersome, but ESET reassures that attackers have methods to circumvent this limitation. Instead of downloading the model, they can leverage a proxy or tunnel from the compromised network to access the model hosted elsewhere, a common tactic in modern cyberattacks.

In a world where our digital lives are increasingly interconnected, ESET emphasizes the importance of raising awareness about these developments. John Scott-Railton from Citizen Lab echoed this sentiment, warning that we’re only scratching the surface of how local AI could be misused. Are we ready for this new age of cyber threats?

OpenAI, the creators of the gpt-oss models, acknowledged ESET’s findings and reiterated their commitment to safeguarding their technology against malicious use. They continuously refine their models to prevent exploitation, making it clear that while they innovate, they also prioritize security. But is it enough?

As we navigate this rapidly changing landscape, one thing is clear: the potential for innovation and catastrophe lies in the hands of those who wield these powerful tools. Will we see a future where AI enhances our security, or will it be a double-edged sword cutting into our privacy and safety?