DeepSeek’s Rise Sparks Interest from Cybercriminals

The growing popularity of DeepSeek has led to an increase in fraud, malware and financial scams. ESET warns about the tactics of cybercriminals and provides recommendations on how to protect yourself from these threats.
The emergence of DeepSeek in the artificial intelligence market has caught the attention not only of the tech community but also of cybercriminals. In recent weeks, multiple fraud attempts linked to this tool have been detected, ranging from fake websites to malware disguised as AI models and fraudulent financial schemes.

Fraud, malware and security issues
ESET researchers have identified fraudulent sites that mimic the official DeepSeek website to trick users into downloading malicious software. A user on the social network X reported one such page, which had a design similar to the official one but with a ‘Download Now’ button instead of ‘Start Now’. The button prompts the download of an executable identified by ESET as Win32/Packed.NSIS.A.
In addition, fake domains used to steal credentials or money through fake DeepSeek investment offers have been detected. Fraudulent cryptocurrency tokens have also proliferated, reaching values in the millions within days, despite the company making it clear that it has not issued any official digital assets.

Privacy concerns and vulnerabilities
Shortly after its launch, DeepSeek was the victim of a cyberattack that forced it to suspend the registration of new users. In parallel, cybersecurity firm Wiz discovered an exposed database of API keys and system logs.
Investigations by KELA and Palo Alto Networks further revealed that DeepSeek is vulnerable to ‘evil jailbreak attacks’, allowing attackers to bypass its security barriers to generate malicious content. Authorities in the US and Europe have placed its data collection under investigation, similar to the scrutiny received by other Chinese technologies such as TikTok.

How to protect yourself from attacks
ESET recommends that users watch out for suspicious emails and messages that attempt to impersonate DeepSeek, avoid clicking on unknown links, and access the official website only by typing the address directly into the browser. It also advises enabling two-factor authentication (2FA) and keeping security software up to date to prevent attacks.