The crazy, true story behind the first AI-powered ransomware (www.theregister.com)

A team of engineers from New York University has developed what is believed to be the first proof-of-concept for AI-powered ransomware, dubbed Ransomware 3.0, as part of their cybersecurity research. Leveraging advanced large language models like OpenAI’s gpt-oss-20b and gpt-oss-120b, the AI system autonomously performs all four stages of a ransomware attack, from mapping a victim's IT environment to generating polymorphic Lua scripts that selectively encrypt high-value files. The attack also crafts personalized ransom notes using data found on infected machines, making it more targeted, harder to detect, and uniquely tailored to each victim. This breakthrough highlights a potential paradigm shift for the AI/ML and cybersecurity communities, as threat actors could soon harness generative models to automate increasingly sophisticated and evasive cyberattacks at scale. During testing, the malware was mistakenly flagged as a real threat by security firms, underscoring both its realism and the urgency for defenders to anticipate AI-powered threats. While the current prototype only functions in controlled environments and requires modification to operate in the wild, the research signals that AI-driven ransomware is no longer science fiction but an emerging, credible risk. The study serves as a crucial warning and call to action for cybersecurity experts to bolster defenses against such autonomous, AI-fueled attacks before they become widespread.