AI prompts edge toward real-world browser ransomware, researchers warn

Security researchers at Check Point found an AI-generated DeepSeek sample that could be turned into a fully functional browser-only ransomware with minimal effort, using the browser’s File System Access API to access local files via a web app. The proof-of-concept, InfernoGrabber 9000, targets Android and bundles a toolkit for data theft, encryption, and a ransom overlay, though the current code was incomplete. Experts say the model could assemble the required components inside a front-end, meaning AI-assisted prompts could yield near-ready browser ransomware, even as the browser sandbox blocks many actions. This underscores growing AI-enabled threat potential for end-user devices.
- Somebody told DeepSeek to build in-browser ransomware and it gleefully complied The Register
- Browser-Only Ransomware: From LLM Hallucinations to a Practical Attack Technique Check Point Research
- AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android The Hacker News
- DeepSeek-Generated Malware Shows How AI Can Build Browser-Native Ransomware Workflows cyberpress.org
- A ransomware in the browser? Just ask DeepSeek Korben
Reading Insights
1
9
5 min
vs 6 min read
91%
1,114 → 99 words
Want the full story? Read the original article
Read on The Register