5 AI-developed malware families analyzed by Google fail to work and are easily detected (arstechnica.com)

Google published an analysis of five recent malware samples—PromptLock, FruitShell, PromptFlux, PromptSteal and QuietVault—reported to have been created with generative AI. The verdict: the samples are crude, reuse well-known techniques, and fail basic operational requirements. For example, PromptLock (flagged by ESET as “the first AI-powered ransomware” and studied academically) lacks persistence, lateral-movement capabilities and advanced evasion tactics, turning it into more of a proof‑of‑concept than a working threat. All five were trivially detected by static-signature endpoint protections and showed no real-world operational impact. The broader takeaway for the AI/ML and security communities is that generative models have not yet given malware authors a significant advantage. Researchers say AI-assisted threat development remains “painfully slow” and produces low-quality outputs compared with professional malware engineering; current AI tooling mostly automates routine work rather than inventing novel attacks. That said, experts caution this could change as models improve, but for now defenders don’t need to adopt new defenses—existing detection and mitigation techniques remain effective.