Google on Wednesday unveiled five recent malware samples created with generative AI, revealing that their performance was substantially subpar compared to professional malware development. This finding indicates that AI-driven malicious software development lags behind traditional methods and is not yet a significant threat in real-world scenarios.
One sample, called PromptLock, was used in an academic study to evaluate the potential of large language models in autonomously executing the ransomware attack lifecycle. Nevertheless, researchers found that the malware had notable limitations, such as the absence of persistence, lateral movement, and advanced evasion tactics, serving more as a feasibility demonstration of AI in malicious use. Before the study was published, security firm ESET identified the sample and described it as “the first AI-powered ransomware.”
Don’t believe the hype
Similar to the other four samples—FruitShell, PromptFlux, PromptSteal, and QuietVault—PromptLock was easily detectable by even basic endpoint protections reliant on static signatures. The samples employed previously known methods, making them easy to counteract and causing no operational impact, meaning no new defenses were required.
Independent researcher Kevin Beaumont stated, “What this shows us is that more than three years into the generative AI craze, threat development is painfully slow. If you were paying malware developers for this, you would be furiously asking for a refund as this does not show a credible threat or movement towards a credible threat.”
Another malware expert, who preferred to remain anonymous, concurred with Google’s findings that generative AI isn’t giving malicious software developers an advantage over traditional development methods. “AI isn’t making any scarier-than-normal malware,” the expert noted. “It’s just helping malware authors do their job. Nothing novel. AI will surely get better. But when, and by how much is anybody’s guess.”