Academic Ransomware AI? PromptLocker Panic Explained

Update: 2025-09-12

Description

In this episode of IT SPARC Cast – CVE of the Week, John Barger and Lou Schmidt unravel the truth behind PromptLocker — the so-called first “AI-powered ransomware.” Initially flagged by ESET and widely misunderstood as an active cyber threat, PromptLocker was actually part of a controlled academic research project from NYU’s Tandon School of Engineering, known as “Ransomware 3.0.”

We break down how this proof-of-concept malware used LLMs to dynamically generate malicious code, how it slipped into threat databases, and why this isn’t a crisis — but rather, a warning. With the ability to generate malware instructions on-the-fly without any static payload, this project forces a rethink of traditional security detection methods. The cost? About 70 cents using commercial APIs — or virtually free with open-source models. Join us for a grounded, insightful conversation about what’s real, what’s hype, and what you should be doing next.

https://www.tomshardware.com/tech-industry/cyber-security/ai-powered-promptlocker-ransomware-is-just-an-nyu-research-project-the-code-worked-as-a-typical-ransomware-selecting-targets-exfiltrating-selected-data-and-encrypting-volumes

https://www.techradar.com/pro/security/the-first-ai-powered-ransomware-has-been-spotted-and-heres-why-we-should-all-be-worried

https://www.pcgamer.com/software/ai/oh-goody-the-first-known-ai-powered-ransomware-has-been-discovered-and-it-may-exfiltrate-data-encrypt-it-or-potentially-destroy-it/

https://www.itpro.com/security/ransomware/security-researchers-have-just-identified-what-could-be-the-first-ai-powered-ransomware-strain-and-it-uses-openais-gpt-oss-20b-model

⸻

🔗 Social Links

IT SPARC Cast

@ITSPARCCast on X

https://www.linkedin.com/company/sparc-sales/ on LinkedIn

John Barger

@john_Video on X

https://www.linkedin.com/in/johnbarger/ on LinkedIn