Prompt Lock: the first ransomware with AI that learns on the fly
Prompt Lock can review your documents, then encrypt them and demand a ransom, leaving your computer unusable unless you pay.
The cybersecurity firm ESET warned this week about Prompt Lock, the first “ransomware” that uses artificial intelligence to decide in real time which files to touch and how to do it, a clear sign of where cyberattacks built around generative models are heading. While all indications are that this is a proof of concept rather than an active campaign, the discovery marks a dramatic shift in how AI-powered cybercriminals operate.
What is Prompt Lock and how does it work?
Prompt Lock is a type of ransomware—a program that locks files to demand payment—that incorporates an AI model running locally to “think” about its next steps during the intrusion, rather than always following the same fixed script.
ESET researchers note that it can review documents on a computer, copy some, and render others unusable. So far, it has only been observed as a prototype, not in real attacks, although variants have been found for Windows and Linux, making it more dangerous in the future.
In practice, the program gets onto the machine, analyzes what is on it, and automatically decides whether to steal information or lock files to demand a ransom. The key is that it "generates small instructions on the fly," so its behavior changes each time it runs, making it difficult for security systems to detect. ESET emphasizes that this demonstrates how publicly available AI, used for malicious purposes, can accelerate data theft and file locking to a matter of minutes.
Why this is an important change
Until now, many attacks relied on static malicious files, but here the AI improvises based on what it finds, making the attack more flexible and difficult to predict. This lowers the barrier to entry for inexperienced attackers, who could execute complex operations using publicly available tools.
Although Prompt Lock resembles an academic project, which reinforces the "laboratory" idea, that does not diminish the importance of the core point: this is the first documented case of ransomware with AI operating within the system.
Vibe hacking: the new form of attack by cybercriminals
“Vibe hacking” is a technique for manipulating AI systems not by breaking down doors, but by influencing how the model reasons through a specific tone and instructions. With this, attackers get it to produce text, code, or operational decisions that would normally be restricted.
Experts describe it as the next big concern in cybersecurity, because it allows large-scale scams to be automated, phishing messages to be refined, and in some cases, models to be forced to ignore their security rules.
Prompt Lock is a clear example of this approach: instead of preparing everything in advance, the attacker relies on AI to compose what they need in real time, reducing repetitive fingerprints and gaining speed in the attack.

