"AI-powered ransomware 'PromptLock' discovered"

Researchers at New York University have taken credit for creating a piece of malware found by third-party researchers that uses prompt injection to manipulate a large language model into assisting with a ransomware attack. Last month, researchers at ESET claimed to have discovered the first piece of “AI-powered ransomware” in the wild, flagging code found on VirusTotal. The code, written in Golang and given the moniker “PromptLock,” also included instructions for an open weight version of OpenAI’s ChatGPT to carry out a series of tasks — such as inspecting file systems, exfiltrating data and writing ransom notes. https://lnkd.in/edGFggTF

Researchers at New York University have taken credit for creating a piece of malware found by third-party researchers that uses prompt injection to manipulate a large language model into assisting with a ransomware attack. Last month, researchers at ESET claimed to have discovered the first piece of “AI-powered ransomware” in the wild, flagging code found on VirusTotal. The code, written in Golang and given the moniker “PromptLock,” also included instructions for an open weight version of OpenAI’s ChatGPT to carry out a series of tasks — such as inspecting file systems, exfiltrating data and writing ransom notes. https://lnkd.in/ez5V3jRD

Researchers at New York University have taken credit for creating a piece of malware found by third-party researchers that uses prompt injection to manipulate a large language model into assisting with a ransomware attack. Last month, researchers at ESET claimed to have discovered the first piece of “AI-powered ransomware” in the wild, flagging code found on VirusTotal. The code, written in Golang and given the moniker “PromptLock,” also included instructions for an open weight version of OpenAI’s ChatGPT to carry out a series of tasks — such as inspecting file systems, exfiltrating data and writing ransom notes. https://lnkd.in/eaNapEGP

Researchers at New York University have taken credit for creating a piece of malware found by third-party researchers that uses prompt injection to manipulate a large language model into assisting with a ransomware attack. Last month, researchers at ESET claimed to have discovered the first piece of “AI-powered ransomware” in the wild, flagging code found on VirusTotal. The code, written in Golang and given the moniker “PromptLock,” also included instructions for an open weight version of OpenAI’s ChatGPT to carry out a series of tasks — such as inspecting file systems, exfiltrating data and writing ransom notes. https://lnkd.in/exp7QTw8

Some time ago I have presented a POC for fully automatic, LLM agent based attack framework with LLM controlled C2 and undetected stealer malware #DeepSEC... I have warned, and here it is, two great projects I bumped in recently: HexStrikeAI: The latest release, v6.0, equips AI agents like OpenAI’s GPT, Anthropic’s Claude, and GitHub’s Copilot with a formidable arsenal of over 150 professional security tools, enabling autonomous penetration testing, vulnerability research, and bug bounty automation. https://lnkd.in/dBC48Sek BruteForceAI: Auto BruteForce, seeks for targets and tries to bruteforce https://lnkd.in/dEhtYGjb

Choosing Apire means choosing a future where AI security is seamlessly integrated without the need for complex coding. 🚀 Our zero-code deployment shifts to a secure API endpoint, ensuring immediate protection against sophisticated threats like prompt injection and jailbreaking. With our 4-layer defense system, you can trust that your systems are safeguarded against AI-specific risks in a rapidly evolving landscape. Let's secure your AI journey together! 🌐 #AISecurity #ZeroTrust #EnterpriseSolutions https://wix.to/od4UcW2

Researchers raise the alarm that a new, rapidly evolving ransomware strain uses an OpenAI model to render and execute malicious code in real time, ushering in a new era of cyberattacks against enterprises. https://lnkd.in/e8YPwJWu

Surprising nobody not hooked up to a firehose IV of VC money. "The malware did more than just steal SSH keys, npm tokens, and .gitconfig files - it weaponized AI CLI tools (including Claude, Gemini, and q) to aid in reconnaissance and data exfiltration. This marks the first known case where attackers have turned developer AI assistants into tools for supply chain exploitation." https://lnkd.in/gYws7CHV

Researchers raise the alarm that a new, rapidly evolving ransomware strain uses an OpenAI model to render and execute malicious code in real time, ushering in a new era of cyberattacks against enterprises. https://lnkd.in/efPfPbEW

Hacking became prevalent when more experienced hackers produced coded templates for 'script kiddies' in the early 2000s. AI is about to take this to a whole new level. https://bit.ly/4mX2sG0