Criminals are spreading malware disguised as DeepSeek AI

Representational image of a cybercriminal
Image Credit: Pixabay (Image credit: Pixabay)

  • Fake DeepSeek websites are popping up and distributing malware
  • The sites are followed by a huge promotion campaign on X
  • The campaign generated more than a million views, experts warn

Cybercriminals are taking advantage of the hype surrounding AI hot-shot Deepseek to trick people into downloading malware, while evading scrutiny from security analysts, experts have warned.

Researchers at Kaspersky recently observed a sophisticated campaign consisting of compromised X accounts, coordinated bot activity, and geofencing.

The researchers said the cybercriminals created multiple websites to mimic the original Deepseek page. They set the pages up in such a way that they analyzed every visitor’s IP address, and altered the content dynamically, based on the location of the visitor. That way, they were able to display malicious content to some people, and benign content to others.

The targets were shown fake Deepseek software which granted the attackers full remote unauthorized access to their computers.

The hackers also got to advertising - stealing an X account belonging to a legitimate Australian company, and posted content that promoted the fake websites. They used a network of X bots to comment and share the content, generating more than a million views on the microblogging platform.

"Notable sophistication"

"This campaign demonstrates notable sophistication beyond typical social engineering attacks," explained Vasily Kolesnikov, senior malware analyst at Kaspersky Threat Research.

"Attackers exploited the current hype around generative AI technology, skillfully combining targeted geofencing, compromised business accounts and orchestrated bot amplification to reach a substantial audience while carefully evading cybersecurity defenses."

This is yet another proof that internet buzz does not translate to legitimacy. Cybercriminals are getting better at faking engagement, inflating download numbers, and writing fraudulent positive reviews.

To remain safe on the internet, one must be vigilant at all times. Do not trust - verify, should be the mantra, as scam campaigns get more sophisticated and more difficult to spot.

Software should always be downloaded from legitimate sources, whose URLs need to be checked meticulously. Finally, one should have a security program set up, and should keep their software up to date at all times.

You might also like

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Read more
DeepSeek
Experts warn DeepSeek is 11 times more dangerous than other AI chatbots
A person using DeepSeek on their smartphone
DeepSeek ‘incredibly vulnerable’ to attacks, research claims
A laptop with digitally inserted hack warnings around it
Is DeepSeek AI safe to use? Think twice before you download DeepSeek for the time being
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.
Fake Reddit sites found pushing Lumma Stealer malware
Trojan
Hackers hide malware into website images to go unnoticed
A digital representation of a lock
Security experts are being targeted with fake malware discoveries
Latest in Security
person at a computer
Many workers are overconfident at spotting phishing attacks
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Latest in News
A man getting angry with his laptop.
Windows 11 bug deletes Copilot from the OS – is this the first glitch ever some users will be happy to encounter?
Huawei Watch Fit 3
The Huawei Watch 3 is a decent Apple Watch alternative, and its successor could be close at hand
An image of the Samsung Galaxy S25 Ultra from a hands-on event
Samsung's latest software upgrade could mean Galaxy phones beat iPhones for gaming – but you can't get it yet
God of War 20th Anniversary Graphic.
Sony has unveiled some goodies to celebrate God of War’s 20th anniversary, but it's not the remaster I was hoping for
person at a computer
Many workers are overconfident at spotting phishing attacks
Apple iPhone 16 Plus Review
The iPhone 17 Air could have an affordable price, and better battery life than you might have expected