Ah sweet, robot-made horror beyond my comprehension.
(Image credit: Bethesda)
Like a cut episode of Black Mirror, a ransomware has been spotted that prompts AI to cause havoc in machines. Naturally, it's called PromptLock, and it reportedly uses OpenAI's gpt-oss-20b, which means it doesn't need a constant connection to the internet to operate.
According to Eset Research (via Tom's Hardware), this new ransomware uses "the Ollama API to generate malicious Lua scripts on the fly, which it then executes."
AI-powered is an operative term here. Promptlock isn't just ransomware that is created by a hacker generating code and then executing that code on a PC; it is instead said to be a series of prompts that are generated on your devices with scripts. According to Eset, these prompts suggest "the malware may exfiltrate data, encrypt it, or potentially destroy it. Although the destruction functionality appears to be not yet implemented." Phew.
Still, the fact this ransomware runs locally also means that it can avoid detection more easily, as it doesn't use any online resources. If your device connected to an unrecognised online source to get prompts, it would be much easier to spot long-term. Eset Research's original post states that the Bitcoin address present in the discovered prompts "appears to belong to Bitcoin creator [Satoshi Nakamoto]."
Eset's post also says that "multiple indicators suggest" the spotted ransomware is a proof of concept. This means it likely wasn't intended for full use, and this may explain why the ability to destroy files was not implemented. Windows and Linux versions of the tool were spotted and flagged. The fact that it is only a concept tool is perhaps rather worrying, as it could imply future, more sophisticated AI-powered ransomware is under development, or ransomware not currently caught.
Naturally, a good way to avoid this (or any) ransomware, is to only download and execute trusted files. As well as this, not running an AI locally would render this specific ransomware obsolete. I don't think I needed much convincing not to set up local AI models anyway.
Hey, if AI can power ransomware, and if we can power ransomware protection with AI too, maybe we can just put them both into one black box and let them fight it out for control of your PC. I feel like I've read a science fiction novel about this. Or perhaps I should write one, anyway. Just don't let ChatGPT do it for you.
The biggest gaming news, reviews and hardware deals
Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.
James is a more recent PC gaming convert, often admiring graphics cards, cases, and motherboards from afar. It was not until 2019, after just finishing a degree in law and media, that they decided to throw out the last few years of education, build their PC, and start writing about gaming instead. In that time, he has covered the latest doodads, contraptions, and gismos, and loved every second of it. Hey, it’s better than writing case briefs.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
