Close Menu
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

NCSC Touts National Scale, AI-Powered “Cyber Shield” for Defense

July 8, 2026

AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android

July 8, 2026

The Gap Between Awareness and Resilience

July 8, 2026
Facebook X (Twitter) Instagram
Wednesday, July 8
Facebook X (Twitter) Instagram Pinterest Vimeo
Cyberwire Daily
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice
Cyberwire Daily
Home»News»AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android
News

AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android

Team-CWDBy Team-CWDJuly 8, 2026No Comments6 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email


Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining “unrealistic browser-malware concepts with a real browser capability” to turn it into a working ransomware technique that runs entirely inside the browser on both Windows and Android devices.

“This is the first documented case where a frontier AI model independently bridged the gap between a theoretical browser-only ransomware risk and a practical, working attack chain – surfacing a novel attack path that defenders had previously dismissed as unfeasible due to browser sandboxing limits,” Check Point said in a statement shared with The Hacker News.

“The expertise needed to discover a new attack path is no longer the bottleneck, and defenders need to account for that shift now — before threat actors operationalize it at scale.”

The identified sample is a Python Flask application named “deepseek_python_20260125_da0631.py” that was uploaded to VirusTotal on January 25, 2026, with the Google-owned malware scanning service describing it as a “fully functional information stealer and ransomware toolkit.” It has been named InfernoGrabber v9.0 by the malware author.

The application is designed to operate as a malicious web server that lures victims with a fake Discord avatar AI upscaler, while stealthily running a wide array of harmful actions, including stealing Discord tokens, harvesting credit card numbers and cryptocurrency seed phrases, logging keystrokes, and capturing unauthorized webcam and microphone feeds.

“The code includes specific routines for browser exploitation (targeting CVEs like CVE-2023-4863), data exfiltration via a hard-coded Discord webhook, a ransomware ‘WinLocker’ screen demanding Bitcoin, and an administrative dashboard for the attacker to manage stolen data,” according to VirusTotal.

The findings come as artificial intelligence and large language models (LLMs) are redefining the cyber threat landscape, enabling threat actors to abuse the technology to develop malware and exploits. The use of DeepSeek is noteworthy as it signals that the Chinese company’s models have lower refusal rates for malicious cyber requests when compared to its Western counterparts from Anthropic, Google, or OpenAI.

Other factors that may have facilitated the use of DeepSeek is its free access via the web interface, availability in regions where other frontier models do not operate, and its ability to generate a working malicious application from a “single broad prompt” as opposed to models from Anthropic or OpenAI.

“DeepSeek models can turn high‑level malicious ideas into concrete, complete attacks with less expertise than competing platforms,” Check Point Research said.

The Israeli cybersecurity company said it unearthed the Python artifact as part of its analysis of about 3,000 files attributed to DeepSeek over the past year. Of these, 1,383 samples have been classified as malicious or dangerous. The Python malware is an instance of what’s called In-Browser Ransomware that implements a browser-native technique not encountered in real-world campaigns in the past. The exact prompt that was used to produce the sample is unknown.

The attack technique entails using a phishing decoy to trick a user into granting file system access to a web page, which then enumerates local files in the selected folder, reads and exfiltrates their contents, encrypts and overwrites them, and finally displays an extortion note to the victim. What makes this more unusual is that all of this can be accomplished without installing a native payload, exploiting a browser vulnerability, or requiring root access.

It’s worth mentioning here that the approach is limited to web browsers that expose the picker-based File System Access API. This includes Google Chrome and other Chromium-based browsers across Windows, macOS, ChromeOS, Linux, and Android. There is no evidence that the browser-native ransomware pattern has been abused in the wild.

“Our testing confirmed the attack works across Windows, macOS, Linux, Android, and Microsoft Edge on Windows,” Pedro Drimel Neto, malware analysis team leader at Check Point Research, told The Hacker News. “The only significant exception is that on iOS, we could not reproduce the attack there. Since the File System Access API is implemented in Chromium-based browsers across these platforms, the attack surface is wider than initially thought, affecting the vast majority of desktop and Android users.”

Another troubling aspect of AI-assisted development is that it not only lowers the barrier for bad actors to generate offensive code, but also the fact that they do not even need to know such a file system access API exists in the first place, or have the technical expertise to abuse it.

Put differently, entering an overly broad prompt is enough for an LLM – subject to guardrails, or lack thereof – to formulate a working attack blueprint from an abstract malicious request. When a user with limited technical understanding outlines unrealistic requirements, the model, in its quest to satisfy them, can generate hallucinated outcomes, surfacing unusual techniques in the process.

Drimel Neto said the research demonstrates that even broad prompts can produce hallucinated but functional malware, and that LLMs with lower resistance to harmful requests are “significantly” easier to abuse. “Threat actors are actively selecting LLMs based on which ones will cooperate with harmful requests,” he added.

“What we are witnessing is a fundamental shift in how novel cyber attacks are born. For the first time, we have evidence that an AI model can independently reason across legitimate platform features and surface a working attack technique that humans had only theorised about – without the attacker ever knowing the underlying API existed,” Eli Smadja, head of research at Check Point Research, said in a statement.

“The barrier to operationalizing complex attacks is collapsing, and that has profound implications for every organisation embedding AI into its workflows, and for every mobile user who now carries their entire personal and professional life inside a photo library. The future of AI security cannot rest on hoping models refuse the obvious malicious request; it must assume that the next attack technique will be discovered not by a human researcher, but by an AI hallucination that accidentally got one thing right.”

Smadja is also urging organizations to prepare by hardening the delivery layer, rethinking permission-based trust, and treating every browser prompt as a security decision.


(The story was updated after publication to include additional insights from Check Point Research.)



Source

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleThe Gap Between Awareness and Resilience
Next Article NCSC Touts National Scale, AI-Powered “Cyber Shield” for Defense
Team-CWD
  • Website

Related Posts

News

NCSC Touts National Scale, AI-Powered “Cyber Shield” for Defense

July 8, 2026
News

The Gap Between Awareness and Resilience

July 8, 2026
News

Phishing Attacks Targeted Facebook Users With Fake Verification Offer

July 7, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202523 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views

Why SOC Burnout Can Be Avoided: Practical Steps

November 14, 20259 Views

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

December 1, 20258 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202523 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views
Our Picks

How to help older family members avoid scams

October 31, 2025

Mobile app permissions (still) matter more than you may think

February 27, 2026

Is it time for internet services to adopt identity verification?

January 14, 2026

Subscribe to Updates

Get the latest news from cyberwiredaily.com

Facebook X (Twitter) Instagram Pinterest
  • Home
  • Contact
  • Privacy Policy
  • Terms of Use
  • California Consumer Privacy Act (CCPA)
© 2026 All rights reserved.

Type above and press Enter to search. Press Esc to cancel.