Seek deep and ye shall find
by Dominic Alvieri
February 1st, 2025
Malware, credential phishing, fake meme coins, exposed data...
Build a better mousetrap and the world will beat a path to your door. Deep Seek created a major storm when they came to market mainstream and have drawn unwanted attention ranging from questions about outright intellectual property theft to security vulnerabilities including exposed databases and a rash of bad actors jumping on the DeepSeek bandwagon.
First a note about authenticity because the documents and all the api call logs (Microsoft) speak for themselves. Some docs
Deep Seek credential phishing
/deepseeklogin[.]com (left)
This credential phishing site is actually not bad and will get some people to commit. You can easily spot the incorrect url and missing official links.
Show us the malware already
Here is one example from Who said what? /deepsekk[.]sbs
I do apologize there is a new MD5 I forgot to copy and am unable to find it now or access my own account but is on Virus Total and if memory servers the file is deepseek_v5.35.dmg
There is no $DEEP or $SEEK meme coins
Crypto scammers jumped on quickly. Toe scam examples are $DEEP and $SEEK.
Enough said
Hacked social media
This DeepSeek R1 account below is a hacked account with 35K followers on X. This isn.t the only hacked or fake account on social media.
Hundreds of new domains every day
Small sample courtesy of DNPedia.
The current total of questionable domains registered is now over 2,000
Other
Always check the other category. The only official site is /deepseek[.]com
Here are a few other active examples -
/deepseek-ai[.]com
/deepseek[.]ai
/deepseek[.]org
/deepseek[.]cyou
/deepseeklogin[.]com
Please avoid any of these sites. Personally I am not a fan of DeepSeek. Logging keystrokes.
Enough said again. Stay safe online and off.
No comments:
Post a Comment