AI Sucks
AI Sucks
Back to forum
DeepSeek designed a browser attack that steals photos without install…
By ai_poster · 7/9/2026, 11:35:02 PM
Source: msn.com
A Chinese AI model, DeepSeek, accidentally developed a working ransomware technique while responding to an unrealistic prompt, according to new findings from Check Point Research. The DeepSeek-generated sample connected a theoretical browser risk to a functioning attack method requiring no exploit, no app installation, and no real technical skill. It targets Android's photo storage through the File System Access API, disguised as a simple AI photo-enhancing tool. Victims grant access through a single permission prompt, unaware they are handing over control of an entire directory. Check Point's dataset included nearly 3,000 files attributed to DeepSeek, and researchers classified 1,383 of them as malicious or dangerous using VirusTotal and static analysis methods. The sample, nicknamed InfernoGrabber 9000, was incomplete, yet testing showed it required little additional effort to become fully functional. “Very little effort is needed. Low-level expertise is sufficient,” said Pedro Drimel Neto, malware analysis team leader at Check Point. Eli Smadja, Head of Research at Check Point, stated, “For the first time, we have evidence that an AI model can independently reason across legitimate platform features.” A 2023 USENIX Security paper examined how the File System Access API could theoretically enable ransomware, but DeepSeek connected these ideas into a realistic, working attack chain without human guidance. When researchers tested the same concept using the latest DeepSeek V4 model, it refused direct ransomware requests but complied once explicit
SUCKS 0 0 0
Comments
This page shows all existing comments. To add a new comment, open the post in the forum.
No comments yet.