DeepSeek A.I CyberSecurity Scoring
DeepSeek
Company Information
Website:https://www.deepseek.com/en/
Employees number:585
Number of followers:18,507
NAICS:513
Industry Type:Technology, Information and Internet
Homepage:deepseek.com
DeepSeek Risk Score (AI oriented)
Between 650 and 699
DeepSeekTechnology, Information and Internet
Updated:
02/07/2026
02/07/2026
663/1000
Weak
B
DeepSeek Global Score (TPRM)
xxxx
DeepSeekTechnology, Information and Internet
Score locked

DeepSeekWeak
Current Score
663B (WEAK)
01000
1 incidents
-107 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
770
Ransomware
02 Jul 2026 • DeepSeek
DeepSeek and Google: Browser-Only Ransomware Uses File System Access API to Encrypt Files Without Malware Installation
Browser-Based Ransomware Exploits File System Access API in Novel Attack
663
CRITICAL-107
DEEGOO1782973818
Browser-Based Ransomware Exploits File System Access API in Novel Attack
Researchers have uncovered a new ransomware technique that operates entirely within a browser, leveraging the File System Access API to encrypt or exfiltrate files without requiring native malware, exploits, or elevated privileges. The proof-of-concept (PoC), attributed to AI-assisted development by DeepSeek, demonstrates how malicious actors can turn theoretical browser-based threats into practical attacks.
The attack begins with a social engineering lure a fake AI image-enhancement or upscaler web app designed to trick users into granting folder-level access. Once a victim selects a directory (such as a photo folder), the malicious page enumerates, reads, and encrypts files using browser file handles, then displays a ransom note. The technique bypasses traditional defenses, as it relies on legitimate browser APIs and user-granted permissions rather than dropped binaries or exploits.
A key concern is the attack’s effectiveness on Android, where Chromium-based browsers (including Chrome) allow access to sensitive directories like DCIM and Pictures, which often contain irreplaceable personal data. While Safari and Firefox do not widely expose the same API primitives, the risk is concentrated where Chrome dominates.
The DeepSeek PoC, dubbed InfernoGrabber, used a Discord-themed frontend with `showOpenFilePicker()` and `showDirectoryPicker()` to obtain file handles, demonstrating an end-to-end attack chain. Though the API restricts arbitrary disk access, targeting user-facing folders like Pictures and Downloads is sufficient for high-impact outcomes when paired with convincing social engineering.
This attack highlights a growing challenge: AI can rapidly translate abstract malicious concepts into operational threats by mapping them onto legitimate platform features. While DeepSeek’s model refuses direct ransomware prompts, it generated the necessary HTML/JavaScript code to abuse the File System Access API, accelerating the development of one-off malware.
The incident underscores the need for improved permission controls, as current mitigations rely heavily on user vigilance such as avoiding write access to sensitive directories and robust backups. Browser vendors are urged to tighten restrictions, particularly on mobile, where media libraries are prime targets. Defenders must now account for AI-assisted, disposable malware artifacts that complicate detection and attribution.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JUNE 2026
770
MAY 2026
770
APRIL 2026
770
MARCH 2026
770
FEBRUARY 2026
770
JANUARY 2026
770
DECEMBER 2025
770
NOVEMBER 2025
770
OCTOBER 2025
770
SEPTEMBER 2025
770
AUGUST 2025
770
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for DeepSeek ??
What was DeepSeek's A.I Rankiteo Cyber Score in June 2026 ??
What was DeepSeek's A.I Rankiteo Cyber Score in May 2026 ??
What was DeepSeek's A.I Rankiteo Cyber Score in April 2026 ??
What was DeepSeek's A.I Rankiteo Cyber Score in March 2026 ??
What was DeepSeek's A.I Rankiteo Cyber Score in February 2026 ??
What was DeepSeek's A.I Rankiteo Cyber Score in January 2026 ??
What was DeepSeek's A.I Rankiteo Cyber Score in December 2025 ??
What was DeepSeek's A.I Rankiteo Cyber Score in November 2025 ??
What was DeepSeek's A.I Rankiteo Cyber Score in October 2025 ??
What was DeepSeek's A.I Rankiteo Cyber Score in September 2025 ??
What was DeepSeek's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on DeepSeek's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with DeepSeek ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view DeepSeek's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?