PromptLock: The next threat your business can’t ignore 

It sounds like science fiction, but it’s real: AI is now writing its own malware.

Cyberattacks are more prevalent than ever, and generative AI is giving attackers smarter, faster ways to exploit systems. According to CFO 85% of cybersecurity professionals link the surge in attacks to AI-enabled tools in the hands of bad actors. The emergence of AI-powered ransomware only reinforces the need for IT leaders to stay one step ahead. 

The first known AI-powered ransomware.

ESET researcher Anton Cherepanov recently uncovered PromptLock, the first known ransomware created using AI. Their team identified the malware after reviewing a sample uploaded to VirusTotal, which revealed it had been written with OpenAI’s gpt-oss:20b model. 

While this particular ransomware hasn’t posed a widespread threat yet, it marks a fundamental shift in cyber risk. AI is enabling attacks to create malware that can adapt, learn, and spread faster than ever before. 

Why this matters. 

PromptLock demonstrates a sobering reality: ransomware is evolving. Even if your organisation isn’t large, your data and systems remain a target. AI-driven attacks can: 

• Exfiltrate sensitive files before encryption. 

• Evade traditional detection methods with adaptive techniques. 

• Increase operational risk, financial exposure, and reputational damage. 

For IT professionals, this is a situation that demands immediate action. Ignoring the rise of AI-powered malware leaves your organisation vulnerable to attacks that can strike faster and harder than anything we’ve seen before. 

Outside of Prompt Lock, adaptive malware can now analyse its environment, tweak its behaviour, and even evade standard security tools, staying one step ahead of detection. Cybercriminals are also experimenting with prompt injection techniques, feeding AI models carefully crafted instructions to generate malicious code tailored to specific targets. The result? Threats that are not only automated but increasingly customised, meaning businesses can’t rely solely on traditional defences they need proactive monitoring and AI-aware security strategies to keep pace. 

Key takeaways 

• Ransomware is becoming more sophisticated, faster spreading, and harder to detect. 

• Every organisation, regardless of size, is at risk. 

• Individuals face increased threats of data theft, financial loss, and service disruption. 

• Cybersecurity hygiene regular backups, strong passwords, controlled permissions is no longer optional. 

Cybersecurity awareness is key to fighting against the attackers. That means, regular backups, stronger digital hygiene are you best defence. 

How to protect your business 

Awareness is only the first step. To truly defend against emerging threats like AI-powered ransomware, you need a proactive, tailored approach. That’s where Intercity comes in. 

Our Microsoft 365 Security Assessment examines your business from every angle, identifying weak points, risky accounts, and vulnerable processes. We then create a clear, actionable plan to strengthen your defences, prevent attacks, and stop malicious AI in its tracks. 

Cybercriminals are already innovating with AI don’t let them outpace you. Get in touch with Intercity today and ensure your business stays secure before the next wave hits.