LunaLock Ransomware: The Rise of AI-Driven Extortion

Summary Of The Attack

  • First reported in early September 2025, the LunaLock ransomware group targeted the digital art marketplace Artists&Clients using a novel “AI Extortion” tactic.
  • Thousands of source files (PSD, AI) and sensitive user data were exfiltrated, with the group demanding a $50,000 ransom in Monero to prevent submission of stolen intellectual property to Large Language Model (LLM) training pipelines.
  • The group used spear-phishing campaigns with trojanized royalty notification invoices to gain initial access, followed by lateral movement via stolen Microsoft Teams and Slack tokens.
  • The group remains active, and while some decryption tools exist for older variants, no universal LunaLock decryptor is available for this specific AI-driven campaign.

What Happened?

On August 30, 2025, the Artists&Clients platform was compromised by the LunaLock ransomware group. The attackers gained initial access via spear-phishing emails sent to independent illustrators, disguised as urgent royalty notifications.

LunaLock Ransomware Demand

The platform’s homepage was eventually defaced with a ransom note announcing the total compromise of their data, threatening to “poison” the future of the artists’ careers by making their stolen work a permanent part of the AI commons.

LunaLock Ransomware Instructions

What Was The Impact Of The LunaLock Ransomware Attack?

The LunaLock ransomware attack resulted in the exfiltration of sensitive intellectual property, including creative portfolios, commission archives, and private client chat histories, impacting over 95,000 user accounts with a $50,000 ransom demand per account.

Unlike traditional ransomware that threatens data deletion, LunaLock extorted Artists&Clients’s users with the threat of submitting the stolen artwork to large-scale AI training datasets.

This action would irreversibly embed the artists’ intellectual property into generative AI models, effectively laundering the stolen data through technology.

This attack also creates potential regulatory exposure under GDPR, particularly regarding the “Right to be Forgotten” which is functionally impossible if data is trained into an AI.

Penalties can reach up to €20 million or 4% of global annual turnover (whichever is higher) for severe breaches.


How Did The LunaLock Ransomware Attack Happen?

The technical cause of the LunaLock ransomware attack was a failure in Endpoint Execution Defense and Token Security, allowing a multi-stage intrusion to bypass traditional perimeter controls.


Initial Compromise

The breach began with a highly targeted spear-phishing campaign disguised as urgent royalty notifications. These emails contained trojanized invoice attachments that, once executed, triggered a custom loader.

To hide its intent from static analysis tools, the loader utilized Dynamic API Resolution with XOR-based string obfuscation.

By encoding critical function names in the data segment, the malware ensured that no suspicious strings (e.g., WriteProcessMemory, CreateRemoteThread) were visible to signature-based scanners.

    // Dynamic API resolution snippet: the function name is stored XOR-encoded
    // in the data segment and only decoded at runtime, so the plaintext never appears in the binary.
    BYTE key = 0x5F;                            // single-byte XOR key
    BYTE obfName[] = {0x23, 0xA7, 0x19};        // XOR-encoded function name (illustrative bytes)
    DWORD len = sizeof(obfName);
    char decodedName[sizeof(obfName) + 1];      // receives the decoded name plus a NUL terminator
    for (DWORD i = 0; i < len; i++) {
        decodedName[i] = (char)(obfName[i] ^ key);
    }
    decodedName[len] = '\0';
    // Resolved via GetProcAddress...

This technique allows the malware to resolve Win32 API calls dynamically at runtime, effectively blinding traditional EDRs that rely on Import Address Table (IAT) scanning.
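The obfuscation above is cheap to undo from the defender's side: a single-byte XOR has only 256 possible keys, so a scanner can decode a binary under every key and look for the API names the loader is hiding. The following detector is an added example (not LunaLock's code and not from the article); the 0x5F key and the byte buffer are constructed for the demonstration.

```python
"""Find single-byte-XOR-obfuscated Win32 API names in a binary blob (added example)."""
from typing import Dict, List

# API names the article says the loader keeps out of sight of signature scanners.
SUSPICIOUS_APIS = [b"WriteProcessMemory", b"CreateRemoteThread"]


def find_xor_encoded_apis(blob: bytes) -> List[Dict[str, object]]:
    """Return one hit per (key, offset, api) where a suspicious API name appears
    after XOR-decoding the blob with a single-byte key.

    Key 0x00 is tried as well, so plaintext names are reported alongside obfuscated ones.
    """
    hits: List[Dict[str, object]] = []
    for key in range(256):
        decoded = bytes(b ^ key for b in blob)
        for name in SUSPICIOUS_APIS:
            start = 0
            while True:
                idx = decoded.find(name, start)
                if idx == -1:
                    break
                hits.append({"key": key, "offset": idx, "api": name.decode()})
                start = idx + 1
    return hits


def xor_encode(data: bytes, key: int) -> bytes:
    """Build what the loader's data segment would hold for a given name and key."""
    return bytes(b ^ key for b in data)


# Constructed sample, not a real LunaLock binary: zero padding, WriteProcessMemory
# XOR-encoded under a constructed key 0x5F, then a plaintext CreateRemoteThread.
SAMPLE_BLOB = (
    b"\x00" * 16
    + xor_encode(b"WriteProcessMemory", 0x5F)
    + b"\x00" * 8
    + b"CreateRemoteThread"
    + b"\x00" * 8
)

if __name__ == "__main__":
    for hit in find_xor_encoded_apis(SAMPLE_BLOB):
        print(f"key=0x{hit['key']:02x} offset={hit['offset']} api={hit['api']}")
```

Running the decoder over a real sample's .data section gives the same result without any signature for the plaintext string; multi-byte keys need a longer key loop but the approach is identical.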

In addition, the malware utilized a minified JavaScript module that injected itself into the Service Control Manager to disable Windows Defender’s real-time scanning processes.

Lateral Movement

Once a foothold was established, the kill chain progressed horizontally through the exploitation of communication platforms. Rather than attempting to crack passwords or bypass Multi-Factor Authentication (MFA) via brute force, the malware extracted active user tokens from Microsoft Teams and Slack clients.

These stolen session tokens allowed the attackers to impersonate legitimate users and traverse the organization’s cloud-hosted repositories and project management platforms.

Because these tokens represent an already-authenticated session, the attackers moved with the authority of a trusted employee, accessing proprietary art assets and client databases without triggering suspicious login alerts or MFA challenges.

Persistence

To maintain their presence, LunaLock created a hidden Scheduled Task named “SysUpdate”, ensuring the malware would re-execute upon every system reboot.

This persistence allowed the group enough time to exfiltrate thousands of high-resolution files to their C2 server before initiating the final AES-256 encryption.

Indicators Of Compromise

Security teams should monitor for the following technical artifacts:

  1. Filename Extensions: Files encrypted with the .lunalock extension.
  2. Scheduled Tasks: Persistence via a hidden task named SysUpdate.
  3. Network Activity: Unusual outbound HTTP/HTTPS requests to the C2 onion domain lunalockcccxzkpfovwzifwxcytqkiuak6wzybnniqwxcmpsetpbetid.onion.
  4. Process Injection: Evidence of JavaScript modules injecting into the Windows Service Control Manager.
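The three string indicators above can be hunted directly in telemetry. The script below is an added example (not from the article or the vendor): it turns the .lunalock extension, the SysUpdate task name and the onion C2 into patterns and runs them over constructed log lines, including a near-miss task name so the task pattern does not fire on unrelated names.

```python
"""Hunt the LunaLock indicators listed above in log lines (added example)."""
import re
from typing import Dict, List

# One pattern per IoC category from the list above.
IOC_PATTERNS: Dict[str, re.Pattern] = {
    "file_extension": re.compile(r"[^\s=]+\.lunalock\b", re.IGNORECASE),
    # Task name must be a whole path component, so e.g. "SysUpdateService" is not a hit.
    "scheduled_task": re.compile(
        r"(?:Task Name|TaskName)\s*[:=]\s*\\?(?:[^\\\s]+\\)*SysUpdate\b", re.IGNORECASE
    ),
    "c2_domain": re.compile(
        r"lunalockcccxzkpfovwzifwxcytqkiuak6wzybnniqwxcmpsetpbetid\.onion", re.IGNORECASE
    ),
}


def hunt_iocs(lines: List[str]) -> List[Dict[str, str]]:
    """Return one finding per (line, category) match: category, matched text and the line."""
    findings: List[Dict[str, str]] = []
    for line in lines:
        for category, pattern in IOC_PATTERNS.items():
            m = pattern.search(line)
            if m:
                findings.append({"category": category, "match": m.group(0), "line": line})
    return findings


# Constructed sample log lines (not real telemetry): a Sysmon-style file create,
# two Security 4698 task-creation events (one real hit, one near miss),
# a proxy CONNECT to the C2, and benign noise.
SAMPLE_LOGS = [
    "Sysmon EID 11 FileCreate Image=C:\\Users\\art\\loader.exe TargetFilename=C:\\Users\\art\\commission_042.psd.lunalock",
    "Security EID 4698 A scheduled task was created. Task Name: \\SysUpdate Subject: ART\\illustrator",
    "Security EID 4698 A scheduled task was created. Task Name: \\Microsoft\\Windows\\SysUpdateService",
    "proxy 10.0.4.21 CONNECT lunalockcccxzkpfovwzifwxcytqkiuak6wzybnniqwxcmpsetpbetid.onion:443",
    "Sysmon EID 11 FileCreate Image=C:\\Windows\\explorer.exe TargetFilename=C:\\Users\\art\\notes.txt",
]

if __name__ == "__main__":
    for f in hunt_iocs(SAMPLE_LOGS):
        print(f"[{f['category']}] {f['match']}")
```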

How Can LunaLock Ransomware Be Prevented?

To defend against AI extortion attacks like LunaLock Ransomware, organizations must implement:

  • Spear Phishing Protection: Deploy advanced email filtering that sandboxes all invoice-style attachments and checks for XOR-based obfuscation in loaders.

  • Token Exfiltration Defense: Implement strict session-length limits and hardware-backed tokens for communication apps like Teams and Slack to prevent token-theft-based lateral movement.

  • Data Masking And Poisoning: Utilize tools like Nightshade or Glaze to subtly alter high-value images, making them unusable for AI training if stolen.

  • Proactive Threat Modeling: Regularly update risk registers to include “AI Data Submission” scenarios, ensuring executive teams understand the unique risks of AI-permanent leaks.

How PromptShield™ Stops AI-Powered Ransomware

PromptShield™ doesn’t stop ransomware from existing; it stops AI from making ransomware faster, smarter, and harder to contain.

It disrupts the attack chain by breaking automation loops and identifying the “stealth” intent behind token-theft and AI-driven reconnaissance. By focusing on intent analysis rather than signatures, it prevents attackers from using AI as a force multiplier during the extortion phase.

As a technical and governance adaptive defense platform, PromptShield™ secures RAG and fine-tuning workflows to prevent stolen data from being ingested into models.

It acts as a post-breach control, ensuring employees don’t accidentally leak data via AI tools during incident response. This dual approach neutralizes the AI laundering threat and enforces regulatory overrides for critical PII protection.

Frequently Asked Questions

How Does LunaLock Ransomware Bypass Windows Defender?

LunaLock bypasses Windows Defender by using dynamic API resolution via XOR-obfuscated strings to conceal malicious Win32 calls from signature-based scanning and EDR hooks.

It further neutralizes active defenses by injecting a minified JavaScript module into the Service Control Manager to programmatically disable real-time scanning and cloud-based telemetry.

To ensure this suppression remains effective, the ransomware establishes a hidden scheduled task named SysUpdate that maintains the disabled state of security services across system reboots.

What Is LunaLock's Ransom Demand?

The LunaLock ransomware group typically demands a ransom of $50,000 to be paid in the privacy-focused cryptocurrency Monero.

Is There A LunaLock Decryptor For Current Variants?

While some decryption solutions exist for older LunaLock variants, there is currently no universal LunaLock decryptor for the 2025 AI-focused variant.

Article by

Jason Firch, MBA
Jason is a proven marketing leader, veteran IT operations manager, and cybersecurity expert with over a decade of experience. He is the founder and President of PurpleSec.
