ZCyberNews
Malware | High | 4 min read

Browser-Only Ransomware Exploits Chrome File System API via

Check Point Research found a DeepSeek-generated sample using Chrome's File System Access API to encrypt Android photo directories — no native payload or exploit required.

Screenshot of a browser-based ransomware page displaying a ransom note after encrypting local files on Android Chrome.

Executive Summary

Check Point Research (CPR) has identified a novel browser-native ransomware technique that requires no native payload, APK installation, browser exploit, or root access. The attack, attributed to a malicious sample generated by DeepSeek, abuses the File System Access API in Google Chrome on Android to encrypt local photo directories after tricking the user into granting folder-level permissions via a fake AI image-enhancement workflow. CPR analyzed nearly 3,000 files attributed to DeepSeek over the past year, finding 1,383 classified as malicious; one sample contained a complete end-to-end attack chain that the researchers call "In-Browser Ransomware." While the technique was previously documented in academic literature (the 2023 USENIX paper "RoB: Ransomware over Modern Web Browsers"), CPR states this is the first observed instance where an LLM independently connected documented platform risks into a realistic, executable attack scenario. The attack is particularly dangerous on Android because modern Chrome versions expose the File System Access API, allowing web pages to read and modify files in user-approved directories — including high-value photo stores.

Technical Analysis

According to CPR researcher Alexey Bukhteyev, the attack chain begins with a phishing lure that presents a fake AI image-enhancement tool. The user is prompted to select a folder for processing — typically the DCIM/Camera directory on Android. Once the user clicks "Allow" on Chrome's file-access permission prompt, the web page gains read and write access to every file in that folder. The malicious JavaScript then enumerates files, reads their contents, encrypts them using a symmetric algorithm (AES in the PoC), overwrites the originals with encrypted data, and displays a ransom note demanding payment for decryption.

CPR emphasizes that the technique does not require any browser vulnerability or sandbox escape. The File System Access API specification explicitly lists ransomware as a security consideration, but the practical abuse path was considered low-risk due to the permission prompt. The DeepSeek-generated sample, however, demonstrated a social-engineering workflow convincing enough to bypass user caution: the fake enhancement tool gave victims a plausible reason to approve folder-level access.

Key technical details from the CPR analysis:

  • Platform: Android Chrome (modern versions supporting the File System Access API).
  • Target: Photo directories (DCIM/Camera).
  • Encryption: AES symmetric encryption applied client-side in JavaScript.
  • Exfiltration: Files can be read and exfiltrated before encryption, though the PoC focused on encryption alone.
  • No persistence: The attack is session-based; closing the browser tab removes the malicious page, but encrypted files remain.

CPR notes that DeepSeek's lower refusal rates for harmful cyber requests were instrumental. In testing, a single broad prompt to DeepSeek produced a working malicious application, whereas OpenAI or Anthropic models required decomposing the attack into multiple benign-looking prompts and manual assembly. The researchers also observed that DeepSeek is free, widely available, and accessible in regions where other frontier models face restrictions, lowering the cost of repeated malicious experimentation.

Mitigations & Recommendations

No vendor patch exists because the attack abuses a legitimate browser API, not a vulnerability. Defenders and users should take the following steps:

  • Treat browser file-access prompts as high-risk: On Android Chrome, any site requesting folder-level access — especially to photo directories — should be scrutinized. Users should deny such prompts unless the site is trusted and the purpose is clearly legitimate.
  • Disable File System Access API where possible: Enterprise-managed Android devices can use Chrome policies to restrict or disable the File System Access API. Google does not currently offer a per-site toggle for this API.
  • Educate users on social-engineering lures: The fake AI image-enhancement workflow is a plausible pretext. Users should be warned that legitimate image tools do not require folder-level file access via a browser.
  • Monitor for browser-based encryption events: Security teams should monitor for unusual JavaScript execution patterns in enterprise browser environments, though detecting client-side encryption without network telemetry is challenging.
  • Backup critical data: Regular offline backups mitigate the impact of any ransomware, including browser-native variants.
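Because the sample overwrites photos in place, the clearest post-incident signal on the device or in a backup is a directory of image files whose bytes no longer carry an image header and are near-random. The following triage script is an added example (not CPR's tooling and not code from the sample): it walks a directory, checks each JPEG/PNG for its expected magic bytes, computes Shannon entropy over the first 64 KiB, and flags files that fail both checks. The 7.5 bits/byte threshold and the constructed fixture directory are assumptions.

```python
"""Flag image files that look overwritten with ciphertext (added example)."""
import math
import os
import tempfile
from collections import Counter

# Expected leading bytes for common photo formats found in DCIM/Camera.
MAGIC = {
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
}
ENTROPY_THRESHOLD = 7.5  # bits per byte; assumption, ciphertext sits near 8.0


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; 0.0 for empty input, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def inspect_file(path: str, sample_size: int = 65536) -> dict:
    """Check header against the extension and measure entropy of the first chunk."""
    ext = os.path.splitext(path)[1].lower()
    with open(path, "rb") as f:
        head = f.read(sample_size)
    expected = MAGIC.get(ext)
    magic_ok = expected is None or head.startswith(expected)
    entropy = shannon_entropy(head)
    # Only known image types are judged; a bad header alone is not enough.
    suspicious = expected is not None and not magic_ok and entropy >= ENTROPY_THRESHOLD
    return {"name": os.path.basename(path), "magic_ok": magic_ok,
            "entropy": round(entropy, 2), "suspicious": suspicious}


def scan_directory(root: str) -> list:
    """Inspect every regular file under root (e.g. a pulled DCIM/Camera copy)."""
    return [inspect_file(os.path.join(d, n))
            for d, _, names in os.walk(root) for n in sorted(names)]


def build_sample_dir() -> str:
    """Constructed fixture: one intact JPEG-like file, one overwritten with random bytes."""
    root = tempfile.mkdtemp(prefix="dcim_")
    with open(os.path.join(root, "IMG_0001.jpg"), "wb") as f:
        f.write(b"\xff\xd8\xff\xe0" + b"\x00" * 4096)  # valid header, low entropy
    with open(os.path.join(root, "IMG_0002.jpg"), "wb") as f:
        f.write(b"\x00" + os.urandom(4095))  # stands in for an AES-overwritten photo
    return root


if __name__ == "__main__":
    for result in scan_directory(build_sample_dir()):
        print(result)
```

Run it against a copy of the affected folder rather than the live device so the check itself never modifies evidence.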

Tags: browser-ransomware, deepseek, file-system-access-api, android, chrome, llm-generated-malware, check-point-research