Start your day with intelligence. Get The OODA Daily Pulse.
A Chinese AI model accidentally stumbled into a working ransomware technique while trying to satisfy an unrealistic, broad prompt. New findings from Check Point Research say the DeepSeek-generated sample connected a theoretical browser risk to a functioning attack method, requiring no exploit, no app installation, and no real technical skill from the attacker. It targets Android’s photo storage through a legitimate browser feature called the File System Access API, disguised as a simple AI photo-enhancing tool. The technique abuses Android’s DCIM folder, which typically holds years of personal photos, scanned identification documents, and banking screenshots. Victims grant access through a single permission prompt disguised as an AI-powered photo enhancer, unaware they are handing over control of an entire directory.
Full report : DeepSeek designed a browser attack that steals photos without installing any app.