Cybercriminals are now weaponizing artificial intelligence (AI) to create potentially devastating off-the-shelf ransomware. Researchers at cybersecurity company ESET have discovered what they called “the first known AI-powered ransomware”. The malware, which ESET has named PromptLock, has the ability to exfiltrate, encrypt, and possibly even destroy data, though this last functionality appears not to have been implemented in the malware as yet.
PromptLock has not yet actually been identified in actual attacks, but is thought to be at the proof-of-concept (PoC) stage. However. ESET’s research amply illustrates how malicious use of publicly available AI tools could supercharge ransomware and other pervasive cyberthreats. The PromptLock ransomware is written in Golang, a cross-platform programming language that has gained popularity among malware authors in recent years. ESET has so far identified both Windows and Linux variants of the AI-powered ransomware.
AI will empower a new generation of cybercriminals
The real danger is that off-the-shelf high-powered AI-driven ransomware, such as PromptLock, will enable a whole new generation of cybercriminals with relatively low technical skills to execute highly sophisticated ransomware attacks.
“Regardless of the intent behind PromptLock, its discovery points to how AI tools can be used to automate various stages of ransomware attacks, from reconnaissance to data exfiltration, at a speed and scale once thought impossible. The prospect of AI-powered malware that can, among other things, adapt to the environment and change its tactics on the fly may generally represent a new frontier in cyberattacks,” says ESET.
PromptLock is merely the latest AI-powered tool being placed at the disposal of cybercriminals. Cyber Intelligence reported in June that cybercriminal groups were already harnessing AI to conduct a variety of attacks, including tailored spear-phishing campaigns, deepfake documents, and polymorphic malware capable of constantly mutating its appearance.
“AI models have made it child’s play to craft convincing phishing messages, as well as deepfake images, audio, and video. The ready availability of these tools also drastically lowers the barrier to entry for less tech-savvy attackers, allowing them to punch above their weight,” says ESET.
