Cybercriminals waste no time launching attacks that take advantage of the frenzy around DeepSeek’s AI model
31 Jan 2025
It’s become almost a cliché to say that cybercriminals are remarkably quick to latch onto the latest trends and technologies and exploit them for their own nefarious gains. The buzz around DeepSeek and its state-of-the-art AI models is no exception. In fact, the past few days have provided a stark reminder that while the tech world is evolving at a breakneck speed, the tactics of online scammers often remain strikingly familiar.
Since the R1 reasoning model of the little-known Chinese startup took the world by storm last week, security researchers have spotted a number of fraudulent attempts to capitalize on its meteoric rise to popularity. Alongside this, DeepSeek has faced intense scrutiny over its privacy and security practices, bringing to light several risks surrounding (not necessarily only DeepSeek’s) AI models.
Here’s a rundown of how fraudsters use DeepSeek’s popularity as a lure for scams and malware, as well as a short recap of some of the key privacy and security issues that have also thrown the spotlight on the company in the past few days.
Scams and malware
One example comes from a user on X who posted some details about a website that mimics the official one and urges visitors to download the DeepSeek model. Instead, however, clicking it triggers the download of a malicious executable that ESET products detect as Win32/Packed.NSIS.A.
While the website largely “looks the part”, a keen eye will spot at least one more giveaway beside the URL itself: unlike the “Start now” button on the official website, the fake one says “Download Now”. (DeepSeek has launched mobile apps for both iOS and Android with great success, but you can also use it directly in your desktop browser without needing to download anything.) To further bolster the ploy’s chances of success, the malware is digitally signed by “K.MY TRADING TRANSPORT COMPANY LIMITED”.
Others have also spotted a number of newly created lookalike domains that aim to trick people into thinking that they have landed on the real thing, but are instead designed to part them from their data or hard-earned money, including by touting (non-existent) DeepSeek pre-IPO shares.
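For defenders who want to spot such lookalike domains in their own proxy or DNS logs, the following is an added example, not code from the article or from ESET. It assumes `deepseek.com` is the vendor's legitimate registrable domain, approximates the registrable domain with the last two labels instead of a public-suffix list, and uses constructed hostnames under the reserved `.example` TLD.

```python
BRAND = "deepseek"
# Assumption: the vendor's legitimate registrable domain (not stated on this page).
OFFICIAL = {"deepseek.com"}
# Digit swaps often used in lookalike names, folded back to letters.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(host):
    """Return 'official', 'brand-in-name', 'near-miss' or 'unrelated'."""
    labels = host.lower().rstrip(".").split(".")
    # Simplification: the last two labels stand in for a public-suffix lookup.
    if ".".join(labels[-2:]) in OFFICIAL:
        return "official"
    verdict = "unrelated"
    for label in labels[:-1]:  # every label except the TLD
        norm = label.translate(HOMOGLYPHS)
        if BRAND in norm.replace("-", ""):
            return "brand-in-name"  # brand used on a domain the vendor does not own
        if any(edit_distance(tok, BRAND) == 1 for tok in norm.split("-")):
            verdict = "near-miss"   # one-character typo of the brand
    return verdict

def triage(hosts):
    """Keep only hostnames worth an analyst's look, mapped to their verdict."""
    verdicts = {h: classify(h) for h in hosts}
    return {h: v for h, v in verdicts.items() if v in ("brand-in-name", "near-miss")}

# Constructed sample hostnames, not real indicators.
SAMPLE = [
    "chat.deepseek.com", "deepseek-download.example", "d33pseek.example",
    "deepseak.example", "deep-seek.example", "deepsea.example",
    "deepseek.com.login.example",
]

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE).items():
        print(f"{verdict:14} {host}")
```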
Another risk has to do with bogus DeepSeek crypto tokens that have surged on multiple blockchain networks, with some reaching market capitalizations of millions of dollars in short order. The company made it clear on X earlier in January that it has not issued any cryptocurrency.
Privacy and security concerns surrounding DeepSeek
Right on the heels of its rapid ascent, DeepSeek said it had itself been the target of “a large-scale cyberattack” that caused it to suspend new user signups.
Meanwhile, cloud cybersecurity company Wiz has found a database belonging to DeepSeek that inadvertently exposed API keys, system logs, user chat prompts and other sensitive information to the open internet. DeepSeek has since locked down the database.
Cybersecurity firms KELA and Palo Alto Networks have found that DeepSeek’s AI models are susceptible to so-called evil jailbreak attacks and their security guardrails can be subverted to generate malicious outputs, including ransomware, as well as fabricate content such as detailed instructions for creating toxins and explosives.
As has been the case with TikTok and other Chinese online services, DeepSeek’s data collection practices also garnered scrutiny almost immediately, including from regulatory authorities in the United States, Ireland, Italy and France.
How to stay safe
Whether it’s a viral new app, a juggernaut social media platform, or even the latest buzz around AI tools, cybercriminals are highly adept at weaving the latest fads and trends into their ploys, ultimately making them more enticing and harder to spot.
To protect yourself from DeepSeek-themed scams, keep your eyes peeled for any email or social media messages that attempt to piggyback off its popularity and push you to click on suspicious links.
Indeed, as AI tools can be harnessed to create highly convincing phishing campaigns and other social engineering attacks, be skeptical of messages that arrive out of the blue, particularly if they offer something too good to be true such as investment opportunities or create a sense of urgency. You’re better off contacting the company or person mentioned in the messages directly via verified channels and navigating to the official website by typing it into your web browser.
Strengthen your online accounts with two-factor authentication (2FA) wherever possible so that it’s far harder for cybercriminals to access your accounts even if they obtain your credentials. Make sure to also use multilayered security software across all your devices that can go a long way towards keeping you safe.
When interacting with DeepSeek or, indeed, any other AI model, be mindful of the data you’re entering into it, including names, email addresses and sensitive personal preferences. The same goes for corporate and other sensitive data; the US Navy, for example, has already banned use of DeepSeek among its ranks.