Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1794+ Articles
149+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. News
  3. AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android
AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android
NEWS

AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android

Researchers have uncovered a novel malware artifact generated using DeepSeek that weaponizes the Chromium File System Access API to encrypt files entirely...

Dylan H.

News Desk

July 2, 2026
7 min read

A New Class of Browser-Based Ransomware

Cybersecurity researchers have flagged a novel and alarming malware artifact: a browser-native ransomware generated using the DeepSeek AI model that encrypts user files entirely through the browser, without deploying a traditional executable to disk. The attack abuses the Chromium File System Access API — a legitimate browser capability — to achieve file encryption across Windows, Linux, macOS, and Android.

The discovery highlights the accelerating threat of AI-assisted malware development and the emerging risk surface created by powerful browser APIs that were designed for productivity but can be weaponized for destructive purposes.


How It Works

The Chromium File System Access API

The File System Access API is a legitimate Web platform feature implemented in Chromium-based browsers (Chrome, Edge, Brave, Opera, and others). It allows web applications to read and write files on the user's local filesystem — with user consent — enabling browser-based IDEs, photo editors, and productivity apps to work with local files.

The attack weaponizes this capability:

1. User visits malicious/compromised web page

2. Page requests filesystem access via showOpenFilePicker() or showDirectoryPicker()
   → Browser shows a native "Open" dialog (looks legitimate)

3. User grants access (social engineering: "Allow to continue")

4. JavaScript running in the page iterates through granted directory

5. Files are read, encrypted with attacker-controlled key, and written back
   (using FileSystemWritableFileStream)

6. Ransom note dropped as .txt file in each directory

7. Decryption key only available upon ransom payment

The critical insight is that no executable is ever written to disk. The attack runs entirely as JavaScript in the browser process — making it resistant to many traditional endpoint detection approaches that focus on monitoring process creation and file writes from native executables.

AI-Assisted Generation

The malware artifact was analyzed and found to contain unmistakable signs of AI-generated code. Researchers attribute the generation to DeepSeek, noting:

  • The code demonstrates "unrealistic browser-malware concepts" (things security researchers typically dismiss as theoretical) combined with real, exploitable browser capabilities
  • The AI synthesized knowledge from security research papers, bug bounty writeups, and browser API documentation to construct a novel attack path
  • Code structure and commenting patterns are consistent with LLM output

This is not the first AI-generated malware (VoidLink, analyzed earlier this year, is a more complex example) but it represents a significant lowering of the bar: a working ransomware technique generated from a conversational AI prompt.


Cross-Platform Impact

Because the attack runs inside Chromium — which is available on every major desktop and mobile platform — the same malicious page works against:

PlatformBrowser EngineFile Access
Windows 10/11ChromiumFull filesystem via File System Access API
macOSChromiumUser-accessible files and directories
LinuxChromiumAny path user grants access to
AndroidChrome/ChromiumScoped access to downloads, documents

iOS is notably not affected — Apple's WebKit engine (required for all iOS browsers) does not implement the File System Access API in a way that permits write access to the local filesystem.


Why This Matters

The "No Executable" Problem

Traditional ransomware drops a native binary (ransomware.exe, locker.elf, etc.) that endpoint detection and response (EDR) tools monitor for:

  • Process creation from unusual parent processes
  • Rapid file modification patterns (mass rename to .encrypted)
  • Known ransomware signatures

Browser-native ransomware sidesteps all of these:

  • No new process — writes happen via the browser's existing chrome.exe/chromd process
  • No binary on disk — JavaScript in browser memory
  • No signature match — the "payload" is dynamic JavaScript, not a static binary
  • Legitimate API — the File System Access API is used by thousands of legitimate web apps

The AI Amplification Effect

The DeepSeek-generated nature of this artifact is significant for two reasons:

  1. Speed — what might take a skilled developer days to prototype was generated in minutes
  2. Creativity — AI systems can synthesize attack paths across disparate domains (browser security research + ransomware techniques) that human developers might not connect

Security researchers have long warned that AI would lower the barrier to sophisticated malware development. This finding provides concrete evidence.


Detection

Detecting this attack is challenging but not impossible:

Browser-Side Signals

  • Unexpected directory picker dialogs on unfamiliar websites — legitimate sites rarely request broad filesystem access
  • Slow browser performance during an apparent hang or spinner — could indicate mass file I/O in progress
  • Files renamed or their content changed after a browser session

Endpoint Detection

Monitor for:
- chrome.exe / msedge.exe making large numbers of file write operations
- Files being modified in bulk by browser processes
- New .txt files appearing in directories alongside modified files
  (ransomware note pattern)

EDR query example (Elastic/EQL):
file where process.name : ("chrome.exe", "msedge.exe", "chromium.exe")
  and event.action : "overwrite"
  and file.extension : ("docx", "xlsx", "pdf", "jpg", "png")
  and count > 50 within 60s

Network Detection

The encryption key must be transmitted to the attacker's server. Monitor for:

  • Browser processes making outbound HTTPS connections to newly registered or low-reputation domains
  • WebSocket connections from browser to unknown endpoints established immediately after filesystem access is granted

Mitigation

For End Users

  1. Be extremely cautious when any website requests access to your files or directories via a browser dialog — legitimate sites have specific, obvious reasons for this
  2. Keep browsers updated — browser vendors can and do add security controls to APIs like File System Access
  3. Use browser extensions with content blocking to restrict which sites can invoke filesystem APIs
  4. Maintain offline backups — the only reliable defense against any ransomware is a backup that cannot be reached by the attacker (or browser)

For Administrators and Security Teams

Chrome Group Policy / Enterprise Controls:
- DefaultFileSystemReadGuardSetting: Block filesystem read access by default
- DefaultFileSystemWriteGuardSetting: Block filesystem write access by default
- FileSystemReadAskForUrls: Allow list (only trusted internal apps)
- FileSystemWriteAskForUrls: Allow list (only trusted internal apps)

Configure these via Chrome Enterprise or Intune for managed devices to prevent untrusted sites from invoking File System Access APIs.

Browser Vendor Response

This disclosure is expected to prompt review by Google's Chrome security team. The File System Access API already requires explicit user gesture and permission grant, but the research demonstrates that social engineering can trivially obtain that consent. Additional friction or user education within the browser permission dialog may follow.


The Broader AI-Malware Trend

This finding arrives alongside a growing body of evidence that AI is meaningfully accelerating malware development:

  • VoidLink (early 2026): 88,000-line Zig-based cloud malware framework with AI-assisted development
  • GhostWriter campaigns: AI-polished phishing lures with near-zero typos and culturally appropriate context
  • DeepSeek browser ransomware (this finding): novel attack path combining browser API research with ransomware concepts

The security community's defensive response must accelerate at the same pace. AI-assisted threat detection, behavioral analysis rather than signature matching, and zero-trust access controls for browser capabilities are all areas where investment is increasingly urgent.


Sources

  • The Hacker News — AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android

Related Reading

  • VoidLink: AI-Generated Cloud-Native Linux Malware Framework
  • AI Slashes Cyberattack Exploit Timelines from Years to Days
  • AI Agentic Threats 2026: Model Poisoning
#Ransomware#Malware#AI#DeepSeek#Chromium#Windows#Linux#macOS#Android#Browser Security

Related Articles

Critical SimpleHelp Flaw Exploited to Deploy Djinn Infostealer

Hackers are actively exploiting CVE-2026-48558 in SimpleHelp remote support software to deploy Djinn Stealer, a previously undocumented cross-platform...

5 min read

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

Attackers poisoned at least 18 npm and Go packages with a novel technique: hiding malware in .vscode/tasks.json auto-run tasks, bypassing npm v12's...

4 min read

Malicious Edge Extension "Edgecution" Abuses Native Messaging to Deploy Ransomware Backdoor

Zscaler researchers exposed 'Edgecution', a rogue Microsoft Edge extension that exploits Chrome's Native Messaging protocol to escape the browser sandbox...

4 min read
Back to all News