Cyber Attack cyber

DeepSeek

Mar 28, 2025 1 min read
DeepSeek

In March 2025, DeepSeek users were targeted by cybercriminals through fake sponsored Google ads resulting in the distribution of malware. These ads led to a fabricated DeepSeek website where a download button, upon being clicked, delivered a Trojan to the user's system. The malware identified as Malware.AI.1323738514, was part of a scheme where criminals outbid legitimate brands and bypassed Google's controls. The issue extended beyond the direct impact on users, as it raised questions about data collection practices. Concerns from Italy's Data Protection Authority led to DeepSeek's app removal from app stores. Separately, Texas banned DeepSeek and other Chinese-owned apps from state devices, citing security reasons.

Source: https://securityaffairs.com/175923/malware/crooks-deepseek-users-with-fake-sponsored-google-ads-to-deliver-malware.html

TPRM report: https://scoringcyber.rankiteo.com/company/deepseek-ai-tools

"id": "dee000032825",
"linkid": "deepseek-ai-tools",
"type": "Cyber Attack",
"date": "3/2025",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'DeepSeek',
                        'type': 'Company'}],
 'attack_vector': 'Fake Sponsored Google Ads',
 'date_detected': 'March 2025',
 'description': 'In March 2025, DeepSeek users were targeted by cybercriminals '
                'through fake sponsored Google ads resulting in the '
                'distribution of malware. These ads led to a fabricated '
                'DeepSeek website where a download button, upon being clicked, '
                "delivered a Trojan to the user's system. The malware "
                'identified as Malware.AI.1323738514, was part of a scheme '
                'where criminals outbid legitimate brands and bypassed '
                "Google's controls. The issue extended beyond the direct "
                'impact on users, as it raised questions about data collection '
                "practices. Concerns from Italy's Data Protection Authority "
                "led to DeepSeek's app removal from app stores. Separately, "
                'Texas banned DeepSeek and other Chinese-owned apps from state '
                'devices, citing security reasons.',
 'initial_access_broker': {'entry_point': 'Fake Sponsored Google Ads'},
 'motivation': 'Financial Gain',
 'threat_actor': 'Cybercriminals',
 'title': 'DeepSeek Malware Distribution via Fake Google Ads',
 'type': 'Malware Distribution'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.