Sunday, August 31, 2025

### The Shadow of Artificial Intelligence Lurking in the Dark: The Emergence of PromptLock - August 2025

PromptLock, the "world's first AI-driven ransomware" reported by ESET and INTERNET Watch in August 2025, marks a new phase in the history of cybersecurity. Its distinguishing feature is that it dynamically generates encryption and data-stealing code in response to the attack environment. Unlike conventional ransomware, which ships with fixed encryption algorithms, PromptLock uses generative AI to create new mechanisms suited to each situation, making it extremely difficult to detect with existing signature-based defenses. Furthermore, the AI generates variants by rewriting Lua scripts and other files, so the malware behaves differently with each attack. In this respect it can be seen as an evolved form of the polymorphic malware of the past.

It has been pointed out that the attacker's methods are not limited to encryption alone: the AI may also be entrusted with decisions such as which files to encrypt first and which networks to spread to. Here we see the first attempt to introduce artificial intelligence into attack orchestration. At a time when defenders have developed EDR, XDR, and even AI-based anomaly detection, PromptLock is designed to turn the tables, bringing the confrontation between defensive and offensive AI into sharp relief.

Behind the scenes, attack tools are becoming increasingly automated, and processes such as code generation and phishing email creation are being integrated by AI. As a result, even attackers with limited technical skills are able to launch sophisticated attacks, and what could be called the democratization of malware development is becoming a reality. On the defensive side, there is an urgent need to introduce frameworks such as zero-trust security and CTEM, while the international community faces the new challenge of how to regulate AI-based cyber attacks.

PromptLock is not just a new type of malware; it has shaken the world as the first case of weaponized generative AI. The shadow of artificial intelligence lurking in the dark will continue to overturn conventional wisdom in security.
