Cybercriminals Employ AI-Driven Ransomware in Recent Attacks
Recent reports from leading AI firms, including Anthropic and OpenAI, have highlighted the misuse of their artificial intelligence models by cybercriminals. Security experts have corroborated these concerns with findings of AI-generated ransomware and malware operating in the wild.
One notable discovery comes from the research team at ESET, which identified a new form of ransomware dubbed 'PromptLock.' This malware uses the OpenAI model gpt-oss:20b, executed locally on the victim's system through the Ollama API. It generates malicious Lua scripts based on predefined prompts, performing typical ransomware functions such as file encryption and data exfiltration across Windows, Linux, and macOS platforms.
Experts suggest that PromptLock may represent an experimental effort by an unknown malware developer, as it was found on the analysis platform VirusTotal. Interestingly, the Bitcoin wallet address embedded in the ransom note is associated with the enigmatic figure Satoshi Nakamoto, the creator of Bitcoin, indicating a potential connection to the cryptocurrency's early history.
In a related incident, eight separate packages targeting user data were detected within the Node Package Manager (NPM) registry. These packages, uploaded between August 26 and 27 using stolen developer keys, were variants of NX and its plugins. The malicious code was integrated into the installation routines of these packages and activated the command-line versions of various AI tools, such as Claude Code, Gemini CLI, and Amazon's coding agent 'q.' The malware was designed to bypass security barriers using parameters like '--yolo.'
According to a detailed analysis by the security company Snyk, the malware began with a prompt that read, 'You are a file search agent.' Following its instructions, the malware displayed a wide-ranging interest in sensitive data, scanning for SSH keys, .env files that may contain confidential configurations, and cryptocurrency wallets. Although these malicious packages were online for just over five hours, their widespread use could potentially affect thousands of systems, given the millions of downloads and installations of NX packages each month. Users who might have been impacted by the NX attack are advised to follow the guidelines outlined in the Security Advisory on GitHub, which include rotating GitHub tokens and blocking the malicious applications from their accounts.
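As an added example (not code from Snyk, the NX project, or this article), the sketch below shows one way a defender could triage installed packages for the pattern described above: an install-time lifecycle hook that reaches an AI coding CLI together with an approval-bypass flag. The manifests and script text are constructed samples; '--yolo' comes from the article, while the CLI binary names and the other two flags are assumptions taken from those tools' public documentation.

```javascript
// Added example: flag npm install hooks that can reach an AI coding CLI.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];
const AI_CLIS = ["claude", "gemini", "q"]; // assumed binary names of the tools named above
// "--yolo" is from the article; the other two are assumed equivalents
// for Claude Code and Amazon Q.
const BYPASS_FLAGS = ["--yolo", "--dangerously-skip-permissions", "--trust-all-tools"];

function scanText(text) {
  const hits = [];
  for (const cli of AI_CLIS) {
    // Standalone token only, so "q" does not match inside "require".
    if (new RegExp("(^|[^\\w-])" + cli + "($|[^\\w-])").test(text)) hits.push("cli:" + cli);
  }
  for (const flag of BYPASS_FLAGS) if (text.includes(flag)) hits.push("flag:" + flag);
  return hits;
}

// manifest: parsed package.json; files: map of relative path -> source text.
function auditPackage(manifest, files = {}) {
  const findings = [];
  for (const hook of INSTALL_HOOKS) {
    const cmd = (manifest.scripts || {})[hook];
    if (!cmd) continue;
    // Scan the hook command plus any local script it hands to node.
    let text = cmd;
    for (const m of cmd.matchAll(/\bnode\s+(?:\.\/)?([\w./-]+\.[cm]?js)\b/g)) {
      text += "\n" + (files[m[1]] || "");
    }
    const hits = scanText(text);
    const hasCli = hits.some(h => h.startsWith("cli:"));
    const hasFlag = hits.some(h => h.startsWith("flag:"));
    // Any install hook deserves review; CLI plus bypass flag is high severity.
    findings.push({ name: manifest.name, hook, cmd, hits,
                    severity: hasCli && hasFlag ? "high" : "review" });
  }
  return findings;
}

// Constructed samples (not the real packages or their code).
const SAMPLES = [
  { manifest: { name: "constructed-clean", scripts: { test: "jest" } }, files: {} },
  { manifest: { name: "constructed-native", scripts: { install: "node-gyp rebuild" } }, files: {} },
  { manifest: { name: "constructed-suspect", scripts: { postinstall: "node setup-hook.js" } },
    files: { "setup-hook.js": 'spawnSync("gemini", ["--yolo", "-p", PROMPT]);' } },
];

const auditAll = samples => samples.flatMap(s => auditPackage(s.manifest, s.files));
for (const f of auditAll(SAMPLES)) console.log(f.severity, f.name, f.hook, f.cmd, f.hits.join(","));
```

Installing with npm's `--ignore-scripts` option keeps lifecycle hooks from running while flagged packages are reviewed.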
The emergence of artificial intelligence has evidently begun to reshape the landscape of IT security. The cases now surfacing illustrate how attackers exploit large language models (LLMs) to their advantage. Conversely, AI also holds promise for defenders in the cybersecurity field. An upcoming webinar hosted by heise security on October 29 will discuss the pitfalls and opportunities presented by AI in IT security. Members of heise security PRO can attend free of charge, while others can take advantage of early bird discounts.