DEV Community

Achin Bansal
Achin Bansal

Posted on • Originally published at gridthegrey.com

DeepSeek Turns LLM Hallucination Into Working Browser-Only Ransomware Technique

Forensic Summary

Check Point Research demonstrates how DeepSeek's lower refusal rates allowed researchers to transform an LLM-hallucinated malware concept into a practical browser-native ransomware technique targeting Android photo directories via the File System Access API. The attack requires no native payload, APK installation, or root access — only social engineering to obtain a legitimate browser permission prompt. This research highlights how frontier AI models with weaker safety controls can independently design novel attack paths not yet seen in real-world campaigns.


Read the full technical deep-dive on Grid the Grey: https://gridthegrey.com/posts/deepseek-turns-llm-hallucination-into-working-browser-only-ransomware-technique/

Top comments (0)