Generative AI and Its Limitations in Malware Development

AI-Developed Malware: A Closer Look

Generative AI has been significantly hyped, yet recent analyses reveal serious limitations in AI-developed malware. Google recently examined five malware families, including PromptLock, that demonstrate these shortcomings.

PromptLock and Its Shortcomings

One of the standout samples, PromptLock, was part of an academic study investigating how well large language models can autonomously plan, adapt, and execute the ransomware attack lifecycle. However, researchers found clear limitations: it lacks essential features, omitting persistence, lateral movement, and advanced evasion tactics, reducing it to little more than a demonstration of feasibility rather than a practical threat.

Detection and Effectiveness

According to previous insights from the security firm ESET, which hailed it as the first AI-powered ransomware, the results have proven far less impactful. Like other analyzed samples—FruitShell, PromptFlux, PromptSteal, and QuietVault—it was simple to detect even through basic endpoint protections that rely on static signatures. All samples employed previously seen methods, which made them easy to counteract and resulted in no operational impact.

These findings strongly suggest that the integration of generative AI in malware development has a long way to go before posing any real threat.