AI-enabled browser ransomware risk on Android
🛡️ Check Point Research discovered a Python Flask sample where an AI model connected a legitimate browser API to ransomware-like behavior. The model generated code invoking showDirectoryPicker(), leveraging the File System Access API to request folder access and modify files without installation. A proof-of-concept showed how a fake web app could encrypt photos in a chosen directory, and Android Chrome’s full API support makes DCIM access possible. Defenders should scrutinize folder-access prompts, avoid granting write access to primary photo libraries, and rely on anti-phishing controls to block malicious pages.
