- Researchers discover a new ransomware, PromptLock
- PromptLock is driven by AI: it presents new concerns for security teams
- AI is already shaking the cyber landscape
ESET security researchers have identified the first known AI-powered ransomware, which serves as a warning for security teams that generative AI will continue to make cyber attacks much more accessible to criminals.
Researchers Peter Strycek and Anton Cherepanov discovered the proof of concept, called ‘PromptLock’, which ‘leverages Lua scripts generated from hard-coded prompts to enumerate the local file system, inspect target files, exfiltrate selected data and perform encryption’.
“Although multiple indicators suggest that the sample is a proof of concept (PoC) or work in progress rather than fully operational malware deployed in the wild, we believe it is our responsibility to inform the cybersecurity community about such developments,” the researchers wrote.
Use in the wild
PromptLock uses OpenAI's gpt-oss:20b model, an open-weight model launched in August 2025, which is run locally through the Ollama API to generate malicious Lua scripts ‘on the fly’.
Lua scripts are cross-platform compatible, the researchers point out, which means that they work on macOS, Linux and Windows. The malware can exfiltrate, and potentially encrypt and destroy, any data it chooses after scanning user files, presumably to determine which would be most valuable.
Security teams have warned for months that the future of ransomware will arrive soon, and although PromptLock has not yet been observed targeting victims in the wild, it is clear that it is only a matter of time before this happens.
GenAI not only makes life much easier for aspiring hackers by lowering the barrier to entry, but also produces different results even when given the same prompt. This makes the generated scripts unpredictable and particularly difficult for defenders to detect, since the behavior pattern is more erratic.
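Because the generated Lua differs from run to run, a detection has to key on behavior rather than script content. The following is an added example, not code from ESET or from the sample: it correlates a call to the Ollama generation API by a non-approved process with the file enumeration, outbound traffic and file rewriting described above. The event schema, allowlist, thresholds and sample events are all constructed assumptions.

```python
import json
from collections import defaultdict

OLLAMA_PORT = 11434                          # Ollama's default API port
GEN_PATHS = {"/api/generate", "/api/chat"}   # Ollama text-generation endpoints
ALLOWED = {"ollama", "open-webui"}           # hypothetical allowlist of approved clients
WINDOW, MIN_FILES = 600, 3                   # assumed thresholds (seconds, distinct files)

# Constructed telemetry, one JSON event per line; the schema is an assumption.
SAMPLE = """
{"ts":10,"pid":300,"image":"open-webui","type":"net","dst":"127.0.0.1","dport":11434,"path":"/api/chat"}
{"ts":20,"pid":300,"image":"open-webui","type":"file","op":"read","target":"/home/a/notes.txt"}
{"ts":50,"pid":977,"image":"updater.bin","type":"net","dst":"127.0.0.1","dport":11434,"path":"/api/generate"}
{"ts":55,"pid":977,"image":"updater.bin","type":"file","op":"read","target":"/home/a/tax.pdf"}
{"ts":56,"pid":977,"image":"updater.bin","type":"file","op":"read","target":"/home/a/keys.kdbx"}
{"ts":57,"pid":977,"image":"updater.bin","type":"file","op":"read","target":"/home/a/cv.docx"}
{"ts":60,"pid":977,"image":"updater.bin","type":"net","dst":"203.0.113.9","dport":443,"path":""}
{"ts":70,"pid":977,"image":"updater.bin","type":"file","op":"write","target":"/home/a/tax.pdf"}
{"ts":71,"pid":977,"image":"updater.bin","type":"file","op":"write","target":"/home/a/keys.kdbx"}
{"ts":72,"pid":977,"image":"updater.bin","type":"file","op":"write","target":"/home/a/cv.docx"}
{"ts":90,"pid":512,"image":"backup","type":"file","op":"read","target":"/home/a/tax.pdf"}
"""

def detect(jsonl):
    first_gen, image = {}, {}            # pid -> time of first unapproved LLM call / image name
    reads, writes, egress = defaultdict(set), defaultdict(set), defaultdict(set)
    for line in filter(None, map(str.strip, jsonl.splitlines())):
        e = json.loads(line)
        pid = e["pid"]
        if (e["type"] == "net" and e["dport"] == OLLAMA_PORT
                and e["path"] in GEN_PATHS and e["image"] not in ALLOWED):
            first_gen.setdefault(pid, e["ts"])
            image[pid] = e["image"]
        elif pid in first_gen and e["ts"] - first_gen[pid] <= WINDOW:
            # Only activity that follows the LLM call inside the window is correlated.
            if e["type"] == "file":
                (reads if e["op"] == "read" else writes)[pid].add(e["target"])
            elif e["type"] == "net" and not e["dst"].startswith("127."):
                egress[pid].add(e["dst"])
    alerts = []
    for pid in first_gen:
        if len(reads[pid]) >= MIN_FILES:
            stages = ["llm_generation", "file_enumeration"]
            if egress[pid]:
                stages.append("possible_exfiltration")
            if len(reads[pid] & writes[pid]) >= MIN_FILES:   # same files read, then rewritten
                stages.append("possible_encryption")
            alerts.append({"pid": pid, "image": image[pid], "stages": stages})
    return alerts
```

On the constructed sample, `detect(SAMPLE)` flags only PID 977; the approved client and the backup process, which never calls the generation API, are ignored.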
Via: The Register