First AI-Powered Virus Prompts Experts' Call To Boost Cybersecurity

The world's first AI-powered virus, called PromptLock, has just emerged.

It's built on open-source AI and can adapt on the fly to attack Windows, macOS, and Linux machines. Here's what makes it particularly frightening: it hunts down your critical system files, encrypts them, and holds them for ransom. And this is just a test version. The worst part? It behaves differently every single time. There's no universal way to detect it or cure an infected machine.

During infection, the AI autonomously decides which files to search, copy, or encrypt - marking a potential turning point in how cybercriminals operate.

Experts believe this new threat can have severe implications for countries like the UAE. In recent decades, the UAE has advanced at an impressive pace, rapidly adopting modern systems and cutting-edge software products. This progress has greatly strengthened the national economy and fueled the growth of innovative businesses. At the same time, it has introduced challenges, as many organisations have not yet fully configured the technological solutions they rely on or trained employees to use their full capabilities.

“This gap in adoption creates space for cybercriminals, with ransomware remaining one of the most serious threats. The emergence of AI-written ransomware increases the risk: while traditional antivirus tools could detect ransomware by flagging characteristic cryptographic code, in this case the code is generated on the fly by artificial intelligence and is not embedded in the executable, making detection more difficult,” Andrey Leskin, Qrator Labs' CTO, told Khaleej Times.

The seemingly obvious solution for anti-malware tools - to look for AI modules in each program and flag them as malicious - is unrealistic, since AI components are now embedded in an increasing number of legitimate applications.

For UAE companies, this means cybercriminals will have more opportunities to exploit gaps, whether through ransomware, illicit cryptocurrency mining that inflates electricity costs and wears down hardware, or DDoS attacks employing AI-powered malware to form massive botnets from infected systems. The overall effect is that defending against cyberthreats in such a fast-moving environment is becoming significantly more challenging.

To stay ahead of AI-driven threats, UAE firms must reinforce several critical areas of cybersecurity.“As phishing remains one of the primary entry points for attackers in the region, it is essential to implement automated detection systems for suspicious emails, links, and attachments, and to provide regular employee training and testing to reduce the likelihood of successful attacks,” Leskin said.

Second, organisations must carefully manage access rights.“Misconfigured or overly permissive access, especially group-level permissions, is a common issue that attackers exploit when targeting servers with sensitive business data. Reviewing and limiting access in every deployed solution, including the newest and most innovative ones, is essential to reduce this risk,” Leskin said.

Third, robust backup strategies are critical. If attackers manage to compromise systems, the ability to restore data from secure, isolated backups can turn a potentially devastating incident into a manageable inconvenience.“While some recent data may still be lost, recovery from backups is far preferable to a complete loss of business-critical information,” Leskin said.

Finally, companies should prepare for other ways cybercriminals may profit from AI-powered malware, such as DDoS attacks and cryptocurrency mining. This requires DDoS protection, as well as continuous monitoring of resource consumption - including CPU, memory, and energy use - across both on-premises and cloud infrastructure.

Quantifying the exact financial impact of AI-induced cyberattacks is difficult, but existing data gives a clear indication of the scale of potential losses in the region.

According to IBM's Cost of a Data Breach Report 2025, the Middle East ranks among the most affected regions worldwide, with an average loss of $7.29 million per incident for large enterprises. This figure is significantly higher than the global average of $4.44 million and second only to the United States at $10.22 million.

For smaller organisations, the risks can be even more severe. Recent research by MasterCard shows that 25% of SMEs affected by a cyberattack filed for bankruptcy, while 19% had to close their business entirely. Both figures are significantly higher than the global averages of 18% and 17% respectively.

“In the context of AI-powered threats, which can be harder to detect and mitigate, these figures suggest that both large enterprises and SMEs in the UAE face not just financial losses but also serious risks to business continuity,” Leskin said.

MENAFN21092025000049011007ID1110090718