ESET has discovered the first malware that generates AI code on the victim's device

Slovak cybersecurity company ESET has discovered a ransomware program called PromptLock that uses artificial intelligence. According to ESET specialists, this is the first program of its kind in the world that has been detected. Its peculiarity is that it generates malicious scripts directly on the infected computer using the GPT-OSS-20b artificial intelligence model from OpenAI. This allows it to create code that is compatible with various operating systems, including Windows, Linux and macOS.

Experts note that PromptLock is likely a prototype rather than a fully functional piece of malware. It implements an original idea: using a locally executed AI model to generate code on the victim’s device, rather than on the attackers’ servers. While the idea of ​​using AI in cybercrime is not new — the FunkSec ransomware was previously recorded using generative AI in its development — this case stands out for its approach.

According to current data, the program can extract and encrypt data, but does not have all the features for a full-fledged attack. No real victims of its use have been registered yet. Analysts suggest that the world can expect a wave of smarter and faster encryption viruses created using similar technologies.