August 26, 2025 By Michael Kan
ESET says PromptLock runs gpt-oss:20b locally on an infected device to help it generate malicious code using hardcoded text prompts, though it might be a proof of concept.
Whether for malicious purposes or simply research, someone appears to be using OpenAI’s open-source model for ransomware attacks, according to antivirus company ESET.
On Tuesday, ESET said it had discovered “the first known AI-powered ransomware,” which the company has named PromptLock. It uses OpenAI's gpt-oss:20b model, which the company released earlier this month as one of two open-source models, meaning a user can freely use and modify the code. It can also run on high-end desktop PCs or laptops with a 16GB GPU.
ESET says PromptLock runs gpt-oss:20b “locally” on an infected device to help it generate malicious code, using “hardcoded” text prompts. As evidence, the cybersecurity company posted an image of PromptLock’s code that appears to show the text prompts and mentions the gpt-oss:20b model name.
