AI-Created Ransomware Exploits Chrome File System, Spotted 9 Times in 24 IOCs
deepseek
| Source: Mastodon | Original article
AI-generated ransomware exploits Chrome's File System Access API. Nine detections and 24 indicators of compromise have been reported.
A new form of AI-generated ransomware has been discovered, abusing the Chrome File System Access API to encrypt files. This browser-only ransomware, dubbed InfernoGrabber, uses the API to access and encrypt files after gaining user permission. The approach is limited to web browsers that expose the picker-based File System Access API, making Chrome a primary target.
This development matters as it showcases the evolving threat landscape, where AI can be used to create operational attack chains without native payloads or exploiting vulnerabilities. The fact that this ransomware can run entirely inside the browser highlights the potential risks associated with granting file system access to web applications.
As researchers continue to analyze this new threat, users should be cautious when granting file system access to web applications. It is essential to monitor the situation and watch for any updates from Chrome and other browser developers regarding the File System Access API and its potential vulnerabilities. Further analysis and IOCs are available, providing valuable insights into this emerging threat.
Sources
Back to AIPULSEN