AI-Driven Ransomware Transforms the Cybercrime Landscape
TL;DR
In 2025, cybercrime advances to a new level of sophistication, highlighting changes in the profile of digital criminals in Brazil. ESET's Threat Report reveals this transformation, detailing the emergence of new threats like the AI-driven ransomware called PromptLock that creates malicious scripts during attacks.
What Is Happening?
In 2025, cybercrime advances to a new level of sophistication, highlighting changes in the profile of digital criminals in Brazil. The Threat Report from ESET reveals this transformation, detailing the emergence of new threats like the ransomware called PromptLock, which uses artificial intelligence (AI) to create malicious scripts during attacks.
New Threats in Cyberspace
Recently, the malware Maverick began to circulate, spreading through WhatsApp and compromising mobile devices. Besides this, PromptLock is considered a milestone in the evolution of ransomwares as it can adapt its tactics in real time.
The trend is clear: AI is not only used to enhance phishing but can also facilitate the creation of customized ransomwares for different regions.
Key Points from the 2025 Threat Report
- Proliferation of ransomware-as-a-service, increasing the number of victims.
- Growth of new families of malware, such as CloudEyE.
- Increases in mobile attacks, utilizing technologies such as NFC.
- Investment scams employing AI and deepfakes.
According to ESET security researcher Daniel Barbosa, "the development of AI in the context of cybercrime is not just a technical advancement but a paradigm shift in how attacks are planned and executed."
The Evolution in 2025
The first half of the year was marked by the Lumma Stealer, a malware focused on stealing financial credentials. In the second half, CloudEyE, or GuLoader, stood out for its ability to act as a downloader and encryptor, increasing its activity nearly thirtyfold.
The number of victims from CloudEyE grew drastically due to its distribution via malicious emails, proving the effectiveness of the malware-as-a-service (MaaS) model, which facilitates the actions of cybercriminals.
Data shows that the number of victims exceeds last year's statistics, with expectations of a 40% growth compared to 2024, warning users about the increasing complexities of attacks.
In conclusion, Barbosa emphasizes that "the current scenario does not only deal with an increase in the number of attacks but also with a rise in the intelligence and adaptability of threats. This implies an urgent need for continuous security strategy for companies and users."
Content selected and edited with AI assistance. Original sources referenced above.
