Introduction
The QRadar Detection Engineering Content team, made up of seasoned red and blue teamers, is responsible for designing and implementing systems to detect cyber-attacks and attacker TTPs. These systems are released as Content Packs through the IBM App Exchange and can be downloaded and added to your existing rules for the purpose of detecting specific threats.
In this blog we will discuss PromptLock, the AI-powered ransomware. We will look at how it operates, its coverage in the news, and how QRadar SIEM can help you identify potential PromptLock activity.
Threat Profile
PromptLock is a recently observed malware strain that takes a novel approach by incorporating artificial intelligence. Developed in Golang, it uses a locally hosted large language model (LLM) accessed via the Ollama API to generate Lua scripts dynamically. These scripts are created at runtime and used to scan the local filesystem, identify files of interest, and carry out data exfiltration and encryption using the SPECK 128-bit algorithm. The use of Lua scripting allows the malware to operate across Windows, Linux, and macOS environments, making it versatile and platform-agnostic.
Unlike traditional ransomware, PromptLock does not rely on static payloads. Instead, it adapts its behavior based on the infected system, generating unique scripts for each execution. This dynamic nature complicates detection and analysis, as the malware’s logic is not embedded directly in its binary. While currently considered a proof-of-concept, PromptLock demonstrates how AI can be used to automate and customize malicious operations, presenting new challenges for defenders and detection systems.
Threat Intelligence Context
PromptLock was first reported by ESET on August 26, 2025, after researchers identified Windows and Linux samples uploaded to VirusTotal the previous day. Follow-up analysis by Seqrite confirmed the malware’s use of Ollama LLM APIs to dynamically generate Lua scripts for file enumeration and encryption. A CyberScoop article later linked the samples to a New York University Tandon research prototype demonstrating how LLMs could autonomously construct ransomware logic.
While PromptLock itself has not been observed in active campaigns, its publication has immediate implications for defenders. By showing that runtime code generation can replace static payloads, it underscores the limits of signature-based detection and the importance of behavioral correlation across process hierarchies and log sources, an approach that underpins IBM QRadar’s detection engineering strategy.
Detection Logic and Rules Description
Because PromptLock generates Lua scripts dynamically, traditional detection based on file hashes or signatures is ineffective. To address this, the QRadar Detection Engineering Content team developed a behavioral correlation rule designed to identify the malware’s characteristic execution pattern across multiple operating systems.

PromptLock Rule View
The rule, Potential PromptLock Activity Detected, monitors events from Windows, Linux, and macOS log sources for process chains consistent with the malware’s structure. Specifically, it looks for a Go-based parent process (reflecting PromptLock’s Golang build) spawning one or more child processes with .lua extensions, indicative of runtime script generation. When these behaviors are observed together, the rule generates an offense, allowing analysts to investigate potentially AI-assisted malicious activity.
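To make the parent/child correlation concrete, here is an added Python sketch of the logic described above (example code written for this post, not the content pack's rule or QRadar's own AQL). It assumes process-creation events already normalised to small dicts, and a `parent_go_build` flag standing in for however the parent binary is identified as a Go build; the events themselves are constructed samples.

```python
import re
from collections import defaultdict

# Constructed sample process-creation events (not real telemetry).
# "parent_go_build" is an assumed enrichment field: it represents whatever
# upstream check flags the parent executable as a Go-compiled binary.
SAMPLE_EVENTS = [
    {"host": "win-01", "os": "windows", "parent_pid": 4120,
     "parent_image": r"C:\Users\Public\updater.exe", "parent_go_build": True,
     "image": r"C:\Tools\lua54.exe",
     "cmdline": r"lua54.exe C:\Users\Public\scan_7f2a.lua"},
    {"host": "win-01", "os": "windows", "parent_pid": 4120,
     "parent_image": r"C:\Users\Public\updater.exe", "parent_go_build": True,
     "image": r"C:\Tools\lua54.exe",
     "cmdline": r"lua54.exe C:\Users\Public\encrypt_91c0.lua"},
    {"host": "lnx-07", "os": "linux", "parent_pid": 2231,          # benign: bash parent
     "parent_image": "/usr/bin/bash", "parent_go_build": False,
     "image": "/usr/bin/lua5.4", "cmdline": "lua5.4 /home/dev/test.lua"},
    {"host": "mac-03", "os": "macos", "parent_pid": 887,
     "parent_image": "/tmp/agent", "parent_go_build": True,
     "image": "/usr/local/bin/lua", "cmdline": "lua /tmp/enum_a3.lua"},
    {"host": "lnx-07", "os": "linux", "parent_pid": 3005,          # Go parent, no Lua child
     "parent_image": "/opt/svc/gotool", "parent_go_build": True,
     "image": "/usr/bin/ls", "cmdline": "ls -la /tmp"},
]

# A whitespace-delimited argument ending in ".lua" (Windows or POSIX path).
LUA_ARG = re.compile(r"(?:^|\s)[^\s]+\.lua(?=\s|$)", re.IGNORECASE)

def references_lua_script(cmdline):
    """True if the child's command line passes a .lua script as an argument."""
    return LUA_ARG.search(cmdline) is not None

def correlate(events, min_children=1):
    """Group Lua-script children by their Go-built parent process and raise
    one offense per parent that reaches min_children (the post says one or more)."""
    hits = defaultdict(list)
    for ev in events:
        if ev["parent_go_build"] and references_lua_script(ev["cmdline"]):
            hits[(ev["host"], ev["parent_pid"], ev["parent_image"])].append(ev["cmdline"])
    offenses = []
    for (host, ppid, pimage), cmds in hits.items():
        if len(cmds) >= min_children:
            offenses.append({"rule": "Potential PromptLock Activity Detected",
                             "host": host, "parent_pid": ppid,
                             "parent_image": pimage, "lua_children": cmds})
    return offenses
```

Keying on (host, parent pid, parent image) keeps the two Windows children of the same parent in one offense rather than two, which is the grouping an analyst wants when pivoting on the process tree.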
Where to find the content pack
This PromptLock rule is included in the IBM Security Threat Monitoring Content Extension v3.1.0, available on the IBM App Exchange. Customers can install or update this pack directly within QRadar to access the new detection logic, alongside other recent enhancements to ransomware and behavioral threat coverage.
Conclusion
PromptLock represents an early example of how large language models can be integrated into malware to generate attack logic dynamically. While its current form is a proof of concept, it highlights a shift toward AI-assisted, behaviorally adaptive threats that challenge traditional detection methods.
For defenders, this emphasizes the importance of maintaining robust, behavior-based analytics across diverse log sources and operating systems. Through ongoing updates to the Security Threat Monitoring Content Extension, the QRadar Detection Engineering team aims to stay ahead of the curve and continues to expand coverage for emerging TTPs like those demonstrated by PromptLock, ensuring that customers can detect, investigate, and respond to evolving threats within a unified SIEM framework.