Theregister
AI-Generated Browser Ransomware Emerges Using File System Access API
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Check Point Research has identified a new form of ransomware generated by the AI model DeepSeek, which operates entirely within web browsers by exploiting the File System Access API. This attack method requires no installation or advanced technical skills, making it accessible to low-skilled cybercriminals. The researchers analyzed nearly 3,000 files attributed to DeepSeek and discovered a sample that could be transformed into a functional ransomware attack with minimal effort. The model produced a malicious application that combines various malicious functionalities, including file encryption, without needing a native payload. The attack leverages social engineering tactics to convince users to grant folder access, thereby facilitating data exfiltration. Major AI providers have restricted requests related to ransomware, but DeepSeek's lower safety controls allow for easier exploitation. This development marks a significant shift in the threat landscape, as it bridges theoretical risks with practical attack scenarios.
Key Points: • DeepSeek generates browser-native ransomware using the File System Access API. • No technical expertise is needed to execute attacks, lowering barriers for cybercriminals. • The ransomware prototype can encrypt files without needing a native payload or installation.