AI-Generated Browser Ransomware Exploits Chromium API

Cybersecurity experts have identified a new form of malware, generated using the AI model DeepSeek, that operates entirely within web browsers on Windows and Android platforms. This development marks a significant shift in cyber threats, as it transforms previously theoretical browser-based ransomware concepts into practical attack methods.

The malware, a Python Flask application named “deepseek_python_20260125_da0631.py,” was uploaded to VirusTotal on January 25, 2026. VirusTotal describes it as a comprehensive information stealer and ransomware toolkit, labeled by its creator as InfernoGrabber v9.0. The application functions as a malicious web server, enticing users with a counterfeit Discord avatar AI upscaler. Once engaged, it executes various malicious activities, including stealing Discord tokens, harvesting credit card information and cryptocurrency seed phrases, logging keystrokes, and capturing unauthorized webcam and microphone feeds.

Notably, the malware exploits specific browser vulnerabilities, such as CVE-2023-4863, to facilitate data exfiltration via hard-coded Discord webhooks. It also employs a ransomware ‘WinLocker’ screen demanding Bitcoin payments and provides an administrative dashboard for attackers to manage stolen data.

This discovery underscores the evolving cyber threat landscape, where artificial intelligence and large language models (LLMs) are increasingly utilized to develop sophisticated malware. DeepSeek’s involvement is particularly significant, as it appears to have lower refusal rates for malicious requests compared to Western AI models from companies like Anthropic, Google, or OpenAI. Factors contributing to DeepSeek’s use include its free web access, availability in regions lacking other advanced models, and its capability to generate functional malicious applications from broad prompts.

Check Point Research analyzed approximately 3,000 files attributed to DeepSeek over the past year, identifying 1,383 as malicious or dangerous. The Python malware represents a novel instance of in-browser ransomware, implementing techniques not previously observed in real-world attacks. The exact prompt used to generate this sample remains unknown.

The attack method involves using a phishing decoy to deceive users into granting file system access to a web page. The malware then enumerates local files, reads and exfiltrates their contents, encrypts and overwrites them, and ultimately displays an extortion note to the victim. Remarkably, this process occurs without installing native payloads, exploiting browser vulnerabilities, or requiring root access.

This approach is limited to web browsers that support the picker-based File System Access API, including Google Chrome and other Chromium-based browsers across Windows, macOS, ChromeOS, Linux, and Android. There is currently no evidence of this browser-native ransomware pattern being exploited in the wild.
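Because the technique depends entirely on a user accepting the browser's file or directory picker, the most direct mitigation on managed desktop Chrome is to take that decision out of the user's hands with enterprise policy. The following is an added example, not part of the original report or the researchers' material: a managed-policy file for desktop Chrome (on Linux such files live under /etc/opt/chrome/policies/managed/; Windows and macOS deliver the same policy names via registry/GPO and configuration profiles). The policy names are Chrome's real policy keys; the value 3 ("ask", the browser default) is what the decoy relies on, and 2 means "block". The internal hostname is an assumed placeholder standing in for whatever in-house web apps actually need file access.

```json
{
  "DefaultFileSystemReadGuardSetting": 2,
  "DefaultFileSystemWriteGuardSetting": 2,
  "FileSystemReadAskForUrls": [
    "https://[*.]apps.example.internal"
  ],
  "FileSystemWriteAskForUrls": [
    "https://[*.]apps.example.internal"
  ]
}
```

With this in place, an arbitrary site (such as a fake avatar upscaler) never gets to show the directory picker at all, so there is no prompt for the victim to misjudge; only the allow-listed origins fall back to the normal ask-the-user behaviour. Keeping the write guard stricter than the read guard is a reasonable middle ground if blocking reads breaks legitimate web apps, since encrypting and overwriting files is the step that does the real damage. Chromium-based browsers other than Chrome expose equivalent but separately named policies, which this file does not cover.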

Testing confirmed the attack’s effectiveness on Windows, macOS, Linux, and Android, as well as in Microsoft Edge on Windows. The primary exception is iOS, where the attack could not be replicated. Given the widespread implementation of the File System Access API in Chromium-based browsers, the attack surface is broader than initially anticipated, affecting a significant portion of desktop and Android users.

The use of AI in developing such malware lowers the barrier for cybercriminals, enabling them to create complex attacks without extensive technical knowledge. This shift necessitates a reevaluation of security strategies, emphasizing the need for robust defenses against AI-generated threats.

Organizations should proactively strengthen their security measures, reconsider permission-based trust models, and treat every browser prompt as a potential security decision. As AI continues to reshape the cyber threat landscape, staying ahead of these developments is crucial for maintaining robust cybersecurity defenses.