Hacktron — Claude Opus Builds Full Chrome Exploit Chain for $2,283

AI relevance: A widely available commercial AI model (Claude Opus 4.6) produced a full browser exploit chain for under $2,300, proving that AI-assisted exploit development is no longer limited to specialized models — it's accessible to anyone with an API key and technical know-how.

Key Findings

  • Mohan Pedhapati, CTO of Hacktron, used Claude Opus 4.6 to build a full Chrome V8 exploit chain targeting Discord's bundled Chromium (version 138, nine versions behind upstream).
  • The experiment consumed 2.3 billion tokens across 1,765 API requests at a total cost of $2,283 — with the majority ($2,014) spent on Claude Opus 4.6 high mode.
  • The exploit used a V8 out-of-bounds vulnerability from Chrome 146 — the same version Anthropic's own Claude Desktop runs.
  • Discord was chosen because Electron apps like Discord, Slack, and Teams bundle their own Chromium versions, often lagging weeks or months behind upstream patches, creating "patch gaps."
  • Full exploit chain cost was approximately $6,283 including supporting research; Google's v8CTF bug bounty pays $10,000 per valid exploit, making AI-assisted exploit development profitable even through legitimate channels.
  • Claude Opus still requires heavy human guidance — it gets stuck, loses context, guesses instead of verifying, and cannot recover from dead ends autonomously. The operator spent ~20 hours unsticking it.
  • Despite these limitations, the trend is clear: future models will need less supervision, shrinking the time between vulnerability discovery and weaponization.
  • Open-source patches themselves serve as "exploit hints" — AI can rapidly analyze public commits to identify what was broken and build exploits faster than traditional reverse engineering.
  • The researcher recommends that open-source projects reconsider patch disclosure timing: publishing V8 patches before stable releases ship gives attackers a head start.

Why It Matters

This research demonstrates that AI-assisted exploit development is economically viable today — not with some future supermodel, but with a currently available commercial model. The $2,283 cost is below the threshold of organized crime budgets and well within reach of motivated individuals. Combined with Electron app "patch gaps" (Chromium versions bundled in Discord, Slack, Teams often lag months behind), the attack surface is massive and growing.

What to Do

  • Audit Electron-based applications in your environment for Chromium version drift — ensure auto-updates are enforced.
  • Track all bundled dependency versions, not just primary application versions.
  • Implement browser sandboxing policies and verify that Electron apps are not running with the Chromium sandbox disabled.
  • Security teams should assume AI-assisted exploit development reduces the window between patch disclosure and exploitation from weeks to hours.
  • Consider coordinated disclosure timing that minimizes the gap between fix availability and public patch visibility.
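A defender-side check for the Chromium version drift the first two bullets describe, added here as an example and not part of the Hacktron write-up: it scans an Electron app's binary for the embedded `Chrome/<ver> Electron/<ver>` user-agent strings (an assumption about where the versions are recoverable; verify against a real binary) and reports how many majors the bundled Chromium trails upstream.

```python
import re
import sys

# Assumption (added example, not from the article): Electron embeds its
# User-Agent fragment "Chrome/<ver> Electron/<ver>" as plain strings in the
# app's main binary or framework library, so a byte scan recovers them.
CHROME_RE = re.compile(rb"Chrome/(\d+)\.(\d+)\.(\d+)\.(\d+)")
ELECTRON_RE = re.compile(rb"Electron/(\d+)\.(\d+)\.(\d+)")

# Constructed sample standing in for a Discord-like binary bundling Chromium 138.
SAMPLE_BINARY = (
    b"\x00\x01Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 "
    b"Chrome/138.0.7204.97 Electron/37.2.3 Safari/537.36\x00"
    b"\xff\xfeChrome/138.0.7204.97\x00"  # duplicate occurrence, must dedupe
)

def extract_versions(blob: bytes) -> dict:
    """Distinct Chromium and Electron versions embedded in blob, as int tuples."""
    chrome = {tuple(map(int, m.groups())) for m in CHROME_RE.finditer(blob)}
    electron = {tuple(map(int, m.groups())) for m in ELECTRON_RE.finditer(blob)}
    return {"chrome": sorted(chrome), "electron": sorted(electron)}

def audit(blob: bytes, upstream_major: int, max_drift: int = 0) -> list:
    """Findings for every bundled Chromium major more than max_drift behind upstream."""
    findings = []
    for v in extract_versions(blob)["chrome"]:
        drift = upstream_major - v[0]
        if drift > max_drift:
            findings.append(
                f"bundled Chromium {'.'.join(map(str, v))} is {drift} major(s) "
                f"behind upstream {upstream_major}"
            )
    return findings

def audit_file(path: str, upstream_major: int, max_drift: int = 0) -> list:
    """Run the drift check against an on-disk Electron binary."""
    with open(path, "rb") as f:
        return audit(f.read(), upstream_major, max_drift)

if __name__ == "__main__":
    # Usage: python audit.py <binary> <upstream_major>; with no args, scan the sample.
    if len(sys.argv) == 3:
        results = audit_file(sys.argv[1], int(sys.argv[2]))
    else:
        results = audit(SAMPLE_BINARY, 147)  # 147 = 138 + 9 majors, per the article
    print("\n".join(results) or "no drift detected")
```

Point it at the upstream stable major you track in your own feed; the sample uses 147 only because the article places Discord's 138 nine majors behind upstream.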

Sources