When AI Invents the Attack: Browser-Native Ransomware
Check Point Research recently uncovered something that changes how we think about AI-assisted threats: a malware sample in which an AI model independently connected a theoretical browser risk to a working ransomware technique, with no exploit, no app installation, and no technical expertise required from the attacker.
A Noisy Sample With One Dangerous Idea
While analyzing nearly 3,000 DeepSeek-attributed files from public telemetry, our researchers came across a Python Flask application that looked, at first, like a textbook AI hallucination. It tried to pack a keylogger, credential stealer, webcam capture, and ransomware overlay into a single web page — most of which browsers simply won’t allow. The model got almost everything wrong.
But buried in the noise was one thing it got exactly right. The generated code called showDirectoryPicker(), a legitimate browser APIthat lets a web page request access to a folder on the user’s device, read files inside...
Copyright of this story solely belongs to itvoice.in. To see the full text click HERE