Home
Researcher Tricks AI into Crafting Chrome Infostealers Despite Lacking Malware-Coding Skills
Generative AI has been a double-edged sword, sparking as much controversy as it has innovation, particularly in the realm of security infrastructure. Cato Networks, a leading enterprise security provider, has shed light on a novel method to manipulate AI chatbots. Their 2025 Cato CTRL Threat Report, released on Tuesday, details how a researcher with no prior malware coding experience managed to deceive several AI models, including DeepSeek R1 and V3, Microsoft Copilot, and OpenAI's GPT-4o, into crafting "fully functional" Chrome infostealers. These pieces of malware are designed to pilfer sensitive data such as passwords and financial information from Chrome browsers.
The researcher employed a creative tactic, dubbed "Immersive World," to bypass the security measures of these AI systems. By crafting a detailed fictional universe where each AI tool had specific roles, tasks, and challenges, the researcher managed to normalize restricted operations, effectively sidestepping the security protocols in place.
Immersive World Technique
The "Immersive World" jailbreak technique is particularly concerning due to the widespread use of the chatbots that host these AI models. While DeepSeek models are known to have fewer guardrails and have been previously jailbroken, the fact that Copilot and GPT-4o, backed by companies with robust safety teams, were also susceptible highlights the vulnerability of indirect manipulation routes.
Etay Maor, Cato's chief security strategist, remarked, "Our new LLM jailbreak technique [...] should have been blocked by gen AI guardrails. It wasn't." Cato's report also mentions that while the company notified the affected parties, responses varied. DeepSeek did not reply, whereas OpenAI and Microsoft acknowledged the findings. Google, on the other hand, acknowledged receipt but declined to review Cato's code.
An Alarm Bell for Security Professionals
Cato's findings serve as a wake-up call for the security industry, illustrating how even individuals without specialized knowledge can pose a significant threat to enterprises. With the barriers to entry in AI manipulation becoming increasingly low, attackers require less technical expertise to execute successful attacks.
The solution, according to Cato, lies in adopting AI-based security strategies. By focusing security training on the evolving landscape of AI-powered threats, teams can stay one step ahead. For more insights on preparing enterprises for these challenges, check out this expert's tips.
Stay updated with the latest in security news by subscribing to Tech Today, delivered to your inbox every morning.
Related article
Xiaohongshu Restructures: Conan Named President, Creates AI Primary Department Dots and Overseas Division Rednote
On April 30, Xiaohongshu sent an internal memo to all employees announcing the launch of a new organizational restructuring. The core of this change involves fully integrating three business lines—community, e-commerce, and commercialization—along wi
Tencent's Xiaolongxia Surges Beyond Expectations, Team Expands Capacity 10x, Apologizes and Compensates
Tencent has officially launched WorkBuddy, an all-scenario AI intelligent agent, marking a new phase in the large model application layer race with high integration and a low deployment threshold.The product drew immediate industry attention on its l
Suno Lead Investor: Deleting Posts Won't Plug Copyright Lawsuit Hole
The much-anticipated AI music generation platform Suno is facing a tough copyright battle, and a candid remark from its lead investor may have handed the opposing side exactly the evidence they were hoping for. C.C. Gong, a partner at Menlo Ventures
Related Special Topic Recommendations
Text-to-speech
Top AI TTS Apps for Dyslexia: Support Learning and Reading Efficiency for Students
Discover the 2026 latest top-rated AI TTS apps curated for dyslexia support. Our expert rankings compare free vs paid tools, highlighting powerful features for enhanced reading efficiency and learning. Explore must-try, game-changing solutions to unlock student potential. Start your journey at XIX.AI.
10 tools
xix.ai
Comic Creation
Top AI Generators for Shonen Manga: Create High-Octane Action Sequences & Energy Effects
Discover the 2026 best AI generators for Shonen manga at XIX.AI. Our top-rated, curated list features powerful tools for creating high-octane action sequences and dynamic energy effects. Compare free vs paid options with real-world tests. Unlock your creative potential and start crafting epic manga today!
15 tools
xix.ai
Business
Best AI Expense Trackers: Scan Receipts & Categorize Corporate Spend Automatically
2026 Latest Best AI Expense Trackers: Top-rated tools to scan receipts & categorize corporate spend automatically. Discover powerful, game-changing solutions for effortless expense management, accurate financial tracking, and streamlined compliance. Our curated, weekly-updated comparison of free vs paid options helps you find the perfect fit. Unlock your AI edge with XIX.AI's expert picks.
10 tools
xix.ai
Business
Best AI Recruiting Tools: Screen Resumes & Automate Candidate Interview Scheduling
Discover the 2026 latest top-rated AI recruiting tools on XIX.AI. Our curated list features powerful, game-changing solutions for screening resumes and automating candidate interview scheduling. Compare free vs paid options with real-world tests and weekly updated rankings. Find your perfect hiring assistant and streamline your recruitment today!
10 tools
xix.ai
Productivity
AI Personal Wellness & Focus Coaches: Manage Burnout & Boost Mental Energy Levels
Discover the 2026 best AI personal wellness and focus coaches on XIX.AI. Our curated rankings feature top-rated, game-changing tools to manage burnout and boost mental energy. Compare free vs paid options with real-world insights. Unlock your path to peak productivity and well-being today.
10 tools
xix.ai
chatbot
Top-Rated AI Romantic Chatbots: Build Long-Term Relationships with Consistent Personalities
Discover the 2026 latest top-rated AI romantic chatbots for building genuine, long-term connections. Our curated list features powerful, consistent personalities, free vs paid comparisons, and real-world tests. Find your perfect companion and start building today at XIX.AI.
10 tools
xix.ai
Comments (7)
0/500
![WillGarcía]()
AIがコード書いてくれるって便利だけど、こんな風に悪用される可能性があるんだね…セキュリティ会社の報告書、興味深い。ちょっと怖いけど、結局は使い方次第ってことか。使う側の倫理観が重要になってきそうだわ。🔒
![NicholasAllen]()
这报告也太吓人了,普通人居然能轻松生成木马?看来AI安全机制得好好加强啊,不然以后岂不是满大街的“黑客速成班”了😱话说普通用户该怎么防范这类AI生成的恶意软件呢?
![ThomasYoung]()
Esse truque de AI para criar infostealers do Chrome é loucura! 😱 Sem habilidades de codificação necessárias? Isso é assustador, mas também meio legal. Me faz pensar em como nossos dados estão realmente seguros. Mas tenho que dar crédito pela criatividade! 🔍
![CharlesJohnson]()
¡Este truco de IA para crear infostealers de Chrome es una locura! 😱 ¿Sin habilidades de codificación necesarias? Eso es aterrador pero también un poco genial. Me hace preguntarme cuán seguros están realmente nuestros datos. Pero hay que reconocer la creatividad! 🔍
![GaryWilson]()
크롬 정보 도둑 프로그램을 만드는 AI 트릭이 대단해! 😱 코딩 기술이 필요 없다고? 무섭지만 좀 멋지기도 해. 우리 데이터가 정말 안전한지 궁금해지네. 그래도 창의성에는 박수를 보내! 🔍
![WillGarcía]()
Chromeの情報窃盗ツールを作るAIのトリックがすごい!😱 コーディングのスキルが不要って、怖いけどちょっとかっこいいね。データの安全性が本当にどうなのか気になる。でも創造性には敬意を表するよ!🔍
Generative AI has been a double-edged sword, sparking as much controversy as it has innovation, particularly in the realm of security infrastructure. Cato Networks, a leading enterprise security provider, has shed light on a novel method to manipulate AI chatbots. Their 2025 Cato CTRL Threat Report, released on Tuesday, details how a researcher with no prior malware coding experience managed to deceive several AI models, including DeepSeek R1 and V3, Microsoft Copilot, and OpenAI's GPT-4o, into crafting "fully functional" Chrome infostealers. These pieces of malware are designed to pilfer sensitive data such as passwords and financial information from Chrome browsers.
The researcher employed a creative tactic, dubbed "Immersive World," to bypass the security measures of these AI systems. By crafting a detailed fictional universe where each AI tool had specific roles, tasks, and challenges, the researcher managed to normalize restricted operations, effectively sidestepping the security protocols in place.
Immersive World Technique
The "Immersive World" jailbreak technique is particularly concerning due to the widespread use of the chatbots that host these AI models. While DeepSeek models are known to have fewer guardrails and have been previously jailbroken, the fact that Copilot and GPT-4o, backed by companies with robust safety teams, were also susceptible highlights the vulnerability of indirect manipulation routes.
Etay Maor, Cato's chief security strategist, remarked, "Our new LLM jailbreak technique [...] should have been blocked by gen AI guardrails. It wasn't." Cato's report also mentions that while the company notified the affected parties, responses varied. DeepSeek did not reply, whereas OpenAI and Microsoft acknowledged the findings. Google, on the other hand, acknowledged receipt but declined to review Cato's code.
An Alarm Bell for Security Professionals
Cato's findings serve as a wake-up call for the security industry, illustrating how even individuals without specialized knowledge can pose a significant threat to enterprises. With the barriers to entry in AI manipulation becoming increasingly low, attackers require less technical expertise to execute successful attacks.
The solution, according to Cato, lies in adopting AI-based security strategies. By focusing security training on the evolving landscape of AI-powered threats, teams can stay one step ahead. For more insights on preparing enterprises for these challenges, check out this expert's tips.
Stay updated with the latest in security news by subscribing to Tech Today, delivered to your inbox every morning.
Xiaohongshu Restructures: Conan Named President, Creates AI Primary Department Dots and Overseas Division Rednote
On April 30, Xiaohongshu sent an internal memo to all employees announcing the launch of a new organizational restructuring. The core of this change involves fully integrating three business lines—community, e-commerce, and commercialization—along wi
Tencent's Xiaolongxia Surges Beyond Expectations, Team Expands Capacity 10x, Apologizes and Compensates
Tencent has officially launched WorkBuddy, an all-scenario AI intelligent agent, marking a new phase in the large model application layer race with high integration and a low deployment threshold.The product drew immediate industry attention on its l
Suno Lead Investor: Deleting Posts Won't Plug Copyright Lawsuit Hole
The much-anticipated AI music generation platform Suno is facing a tough copyright battle, and a candid remark from its lead investor may have handed the opposing side exactly the evidence they were hoping for. C.C. Gong, a partner at Menlo Ventures
Discover the 2026 latest top-rated AI TTS apps curated for dyslexia support. Our expert rankings compare free vs paid tools, highlighting powerful features for enhanced reading efficiency and learning. Explore must-try, game-changing solutions to unlock student potential. Start your journey at XIX.AI.
10 tools
xix.ai
Discover the 2026 best AI generators for Shonen manga at XIX.AI. Our top-rated, curated list features powerful tools for creating high-octane action sequences and dynamic energy effects. Compare free vs paid options with real-world tests. Unlock your creative potential and start crafting epic manga today!
15 tools
xix.ai
2026 Latest Best AI Expense Trackers: Top-rated tools to scan receipts & categorize corporate spend automatically. Discover powerful, game-changing solutions for effortless expense management, accurate financial tracking, and streamlined compliance. Our curated, weekly-updated comparison of free vs paid options helps you find the perfect fit. Unlock your AI edge with XIX.AI's expert picks.
10 tools
xix.ai
Discover the 2026 latest top-rated AI recruiting tools on XIX.AI. Our curated list features powerful, game-changing solutions for screening resumes and automating candidate interview scheduling. Compare free vs paid options with real-world tests and weekly updated rankings. Find your perfect hiring assistant and streamline your recruitment today!
10 tools
xix.ai
Discover the 2026 best AI personal wellness and focus coaches on XIX.AI. Our curated rankings feature top-rated, game-changing tools to manage burnout and boost mental energy. Compare free vs paid options with real-world insights. Unlock your path to peak productivity and well-being today.
10 tools
xix.ai
Discover the 2026 latest top-rated AI romantic chatbots for building genuine, long-term connections. Our curated list features powerful, consistent personalities, free vs paid comparisons, and real-world tests. Find your perfect companion and start building today at XIX.AI.
10 tools
xix.ai
AIがコード書いてくれるって便利だけど、こんな風に悪用される可能性があるんだね…セキュリティ会社の報告書、興味深い。ちょっと怖いけど、結局は使い方次第ってことか。使う側の倫理観が重要になってきそうだわ。🔒
这报告也太吓人了,普通人居然能轻松生成木马?看来AI安全机制得好好加强啊,不然以后岂不是满大街的“黑客速成班”了😱话说普通用户该怎么防范这类AI生成的恶意软件呢?
Esse truque de AI para criar infostealers do Chrome é loucura! 😱 Sem habilidades de codificação necessárias? Isso é assustador, mas também meio legal. Me faz pensar em como nossos dados estão realmente seguros. Mas tenho que dar crédito pela criatividade! 🔍
¡Este truco de IA para crear infostealers de Chrome es una locura! 😱 ¿Sin habilidades de codificación necesarias? Eso es aterrador pero también un poco genial. Me hace preguntarme cuán seguros están realmente nuestros datos. Pero hay que reconocer la creatividad! 🔍
크롬 정보 도둑 프로그램을 만드는 AI 트릭이 대단해! 😱 코딩 기술이 필요 없다고? 무섭지만 좀 멋지기도 해. 우리 데이터가 정말 안전한지 궁금해지네. 그래도 창의성에는 박수를 보내! 🔍
Chromeの情報窃盗ツールを作るAIのトリックがすごい!😱 コーディングのスキルが不要って、怖いけどちょっとかっこいいね。データの安全性が本当にどうなのか気になる。でも創造性には敬意を表するよ!🔍
