The first computer virus using artificial intelligence has appeared. It is called PromptLock
For the first time, researchers have discovered malware that uses artificial intelligence to operate. It can infect devices running Windows, Linux, and macOS.
According to ESET Research Labs, the ransomware, called PromptLock, uses AI to generate Lua scripts that scan the device's file system, filter out the necessary data, and then steal or encrypt it.
It is noted that the virus uses one of OpenAI's open-source models, gpt-oss-20b, released less than a month ago. According to experts, the Lua scripts can perform different functions on Windows, macOS, and Linux systems, confusing security tools and demonstrating different behavior each time.
"PromptLock uses Lua scripts generated based on well-defined queries to browse the local file system, inspect target files, extract selected data, and perform encryption. The malware can extract data, encrypt it, or potentially destroy it. Although the destruction feature does not appear to be implemented yet," ESET Research Labs said in a post on Mastodon.
As you know, Lua is a programming language that was created in 1993 by employees of the Pontifical Catholic University of Rio de Janeiro in Brazil. It is often used to create games. Among the most striking examples are World of Warcraft and Dota 2. One of the dialects of this language is Luau, which is also used to create games on the popular Roblox platform.
Researchers have noted that one of the prompts uses a Bitcoin wallet address that may be associated with Satoshi Nakamoto, the pseudonym of the creator of Bitcoin, whose identity has not been revealed. Journalists suggest that this is a temporary placeholder and confirmation that the virus is in the early stages of development.
As we previously reported, Cybernews analysts recently discovered 30 data sets containing various sensitive information, which together contain 16 billion login credentials from various platforms. They include data from social networks like Facebook, Google and Apple accounts, VPN services, GitHub, Telegram, and many others. This data most likely comes from various identity thieves.