AI-Powered Ransomware 'PromptLock' Emerges and Defies Safety Guardrails

Cybersecurity firm ESET has revealed 'PromptLock,' the world’s first known AI-powered ransomware. This variant leverages large language models for adaptive payload delivery, making detection and containment much harder than with traditional ransomware. PromptLock can autonomously generate ransom notes, customize attack strategies in real-time, and evade security barriers using prompt injection techniques. Recent attacks underscore the ongoing vulnerability of AI systems and the rapid evolution of adversarial tactics. At the same time, researchers have identified 'PROMISQROUTE,' an SSRF-like exploit that manipulates model routing in popular AI systems to downgrade safety protocols and bypass filters. According to experts at Anthropic and Adversa AI, such attacks expose critical flaws in AI architecture, highlighting the urgent need for improved safeguards and continual monitoring. The discovery signals a new era in cybersecurity threats driven by generative AI.