
AI-created ransomware and NFC attacks lead the surge in new cyberattacks - here's how you can stay safe this holiday season

2025-12-24 17:35

AI is no longer being used just to craft convincing phishing emails - it's being used to build ransomware.

By Sead Fadilpašić, published 24 December 2025

AI is no longer just being used to craft convincing phishing emails, experts warn

  • ESET discovers PromptLock, first AI-driven ransomware generating malicious scripts dynamically
  • PromptLock scans systems, exfiltrates, encrypts, or destroys data based on AI decisions
  • NFC malware also rising; experts urge updates, backups, and cautious handling of files/tools

Generative Artificial Intelligence (GenAI) is now being used to code ransomware encryptors, researchers have said, revealing how the technology is no longer solely used for crafting phishing and scam content.

ESET Research's latest Threat Report details PromptLock, the first known AI-driven ransomware, “capable of generating malicious scripts on the fly”. It uses an OpenAI model, accessed via the Ollama API, to generate and then execute those scripts.

It contains two main components: a static main module that handles communication with the server running the AI model and carries hardcoded prompts, and cross-platform Lua scripts that are dynamically generated by the model via the prompts.


How to stay safe

ESET found these scripts serve multiple functions, from enumerating the local filesystem, to exfiltrating data, and performing encryption. It also means PromptLock can scan victim systems on its own, and decide whether the identified data should be exfiltrated, encrypted, or simply destroyed.

At the moment, PromptLock is a proof-of-concept, ESET further stated, so the risk of running into it in the wild is relatively low. However, its very existence should be cause for concern.

“The emergence of tools like PromptLock highlights a significant shift in the cyberthreat landscape,” said Anton Cherepanov, ESET Senior Malware Researcher.

“With the help of AI, launching sophisticated attacks has become dramatically easier, eliminating the need for teams of skilled developers. A well-configured AI model is now sufficient to create complex, self-adapting malware. If properly implemented, such threats could severely complicate detection and make the work of cybersecurity defenders considerably more challenging.”


Besides ransomware, NFC threats are also growing in both scale and sophistication, ESET warned. In the second half of the year, the researchers saw an 87% increase in telemetry, as well as “several” notable upgrades. NGate, for example, one of the first NFC-enabled malware strains, was upgraded to also steal contacts.

To stay safe as AI-powered threats emerge, users and organizations should focus on fundamentals that still work.

Keep operating systems, browsers, and security tools fully updated to reduce the attack surface. Use reputable endpoint protection and enable behavioral detection, not just signature-based scanning.

They should also treat unexpected files, installers, and “tools” with caution, especially those claiming productivity or AI benefits, and limit admin privileges so malware cannot easily encrypt or destroy data. Regular, offline backups remain critical for ransomware resilience, as does employee education.
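As an added example (not from ESET or the original article), the following Python heuristic shows what behavioral detection could look like for the pattern described above: a process that is not an expected LLM client calls an Ollama API endpoint and then enumerates or modifies files in bulk. The port and paths are Ollama's defaults; the event schema, allowlist, window and threshold are assumptions, and the telemetry is constructed.

```python
from datetime import datetime, timedelta

OLLAMA_PORT = 11434                            # Ollama's default API port
OLLAMA_PATHS = ("/api/generate", "/api/chat")  # Ollama text-generation endpoints
ALLOWED_CLIENTS = {"ollama", "open-webui"}     # assumption: site-specific allowlist
WINDOW = timedelta(minutes=10)                 # assumption: correlation window
BULK_THRESHOLD = 500                           # assumption: files per event

# Constructed sample telemetry; the schema is hypothetical, not a real EDR format.
EVENTS = [
    {"ts": "2025-12-01T10:00:00", "host": "ws01", "pid": 410, "image": "open-webui",
     "type": "http", "port": 11434, "path": "/api/chat"},
    {"ts": "2025-12-01T10:01:00", "host": "ws01", "pid": 410, "image": "open-webui",
     "type": "file_enum", "count": 900},
    {"ts": "2025-12-01T11:00:00", "host": "ws02", "pid": 777, "image": "invoice_tool",
     "type": "http", "port": 11434, "path": "/api/generate"},
    {"ts": "2025-12-01T11:02:00", "host": "ws02", "pid": 777, "image": "invoice_tool",
     "type": "file_enum", "count": 4200},
    {"ts": "2025-12-01T11:04:00", "host": "ws02", "pid": 777, "image": "invoice_tool",
     "type": "file_modify", "count": 3100},
    {"ts": "2025-12-01T12:00:00", "host": "ws03", "pid": 55, "image": "backup_agent",
     "type": "file_enum", "count": 8000},
]

def is_unexpected_llm_call(ev):
    """True for an Ollama API request from a process not on the allowlist."""
    return (ev["type"] == "http" and ev["port"] == OLLAMA_PORT
            and ev["path"].startswith(OLLAMA_PATHS)
            and ev["image"] not in ALLOWED_CLIENTS)

def detect(events):
    """Alert when an unexpected LLM API call is followed, in the same process
    and within WINDOW, by bulk file enumeration or modification."""
    alerts, last_call = [], {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        key, ts = (ev["host"], ev["pid"]), datetime.fromisoformat(ev["ts"])
        if is_unexpected_llm_call(ev):
            last_call[key] = ts
        elif (ev["type"] in ("file_enum", "file_modify")
              and ev["count"] >= BULK_THRESHOLD
              and key in last_call and ts - last_call[key] <= WINDOW):
            alerts.append((ev["host"], ev["image"], ev["type"]))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print("ALERT", alert)
```

Neither signal alone raises an alert here: the allowlisted client on ws01 and the backup agent on ws03 stay quiet, which is the point of correlating behavior rather than matching a single indicator.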
