Check Point Flags AI-Produced Browser Ransomware Concept Using Chromium API
Researchers at Check Point say they have identified a malware sample generated with DeepSeek that blends a browser-only ransomware idea with a legitimate Chromium feature, creating a working attack ch...
Researchers at Check Point say they have identified a malware sample generated with DeepSeek that blends a browser-only ransomware idea with a legitimate Chromium feature, creating a working attack chain that operates without a traditional native payload.
The sample, uploaded to VirusTotal in January 2026 under the name deepseek_python_20260125_da0631.py, was described by the scanning platform as a functional information stealer and ransomware toolkit. The malware author reportedly referred to the project as InfernoGrabber v9.0.
How the malware worked
According to Check Point, the Python-based application posed as a fake Discord avatar AI upscaler to draw in victims. Once running, it could steal Discord tokens, collect credit card details and cryptocurrency seed phrases, log keystrokes, and capture webcam and microphone activity without authorization.
The more unusual part of the code was its browser-only ransomware behavior. The technique relies on convincing a user to grant a site access to local files through the File System Access API, a capability available in Chromium-based browsers. From there, the page can enumerate selected files, read and exfiltrate their contents, encrypt or overwrite them, and display an extortion message.
Check Point said this approach appears to be the first documented case in which an AI model independently connected a theoretical browser ransomware concept with a practical implementation. The researchers noted that no browser exploit, root access, or installed malware was required.
Platforms affected and limits
The technique was tested successfully on Windows, macOS, Linux, Android, and Microsoft Edge on Windows. It did not reproduce on iOS, the researchers said. Because the attack depends on Chromium’s file access behavior, it could affect a broad set of desktop and mobile users.
Why it matters
Security analysts said the findings highlight how large language models can lower the skill required to build offensive tools. In this case, the model produced a functional attack path from a broad malicious request, even though the attacker may not have known the underlying API existed.
- Check Point said it reviewed about 3,000 DeepSeek-related files and classified 1,383 as malicious or dangerous.
- No evidence has been found that this browser-native ransomware method has been used in real-world campaigns.
- Researchers urged organizations to treat browser permission prompts as security-sensitive actions.
