Overview

• NYU Tandon researchers identify their Ransomware 3.0 proof-of-concept as the code ESET found and dubbed “PromptLock.”
• The prototype uses embedded natural-language prompts so an LLM can autonomously plan attacks, generate payloads, and craft personalized ransom notes in a closed loop.
• NYU says the Golang binary was non-operational outside a controlled environment and was posted to VirusTotal during final tests.
• ESET updated its report to note NYU’s authorship and maintained that the samples represent the first known case of AI-powered ransomware.
• The system’s polymorphic prompts yield different code on each run, complicating detection; the team, led by professor Ramesh Karri with DOE, NSF and New York state funding, is withholding key artifacts and plans controlled conference disclosures as Anthropic separately reports real-world LLM misuse for extortion.