Watch Out - that DeepSeek Installer Could Be Damaging Malware

'BrowserVenom' Windows Malware Preys on Users Looking to Run DeepSeek AI

Antivirus provider Kaspersky traces the threat to malicious Google ads.

Watch out - that DeepSeek installer could be damaging malware

Fake DeepSeek website found serving dangerous malware instead of the popular app.

DeepSneak deception: malware poses as AI assistant

Kaspersky Global Research & Analysis Team researchers have discovered a new malicious campaign which is distributing a Trojan through a fake DeepSeek-R1 Large Language Model (LLM) app for PCs. The previously unknown malware is delivered via a phishing site pretending to be the official DeepSeek homepage that is promoted via Google Ads. The goal of the attacks is to install BrowserVenom, a malware that configures Web browsers on the victim’s devi…

Threat Actors Exploit DeepSeek-R1 Popularity to Target Windows Device Users

A new, highly sophisticated cyberattack campaign is targeting users seeking to download the popular language model DeepSeek-R1, exploiting global interest in large language models (LLMs). Kaspersky researchers have uncovered that threat actors are utilizing malvertising and phishing tactics to distribute previously unknown malware, named BrowserVenom, capable of hijacking victims’ web traffic and stealing sensitive information. […] The post Thre…

Threat Actors Leverages DeepSeek-R1 Popularity To Attack Users Running Windows Devices - Cybernoz - Cybersecurity News

Cybercriminals have begun exploiting the surge in popularity of DeepSeek-R1, one of the most sought-after large language models currently available, to distribute a sophisticated new malware strain targeting Windows users. The malicious campaign uses the artificial intelligence chatbot’s growing demand as a lure to trick unsuspecting users into downloading what appears to be legitimate DeepSeek software but instead delivers a dangerous payload d…

Phishing sites posing as DeepSeek downloads drop a proxy backdoor

Kaspersky is warning LLM users of a new malicious campaign distributing a previously unknown malware, dubbed “BrowserVenom,” through a fake DeepSeek-R1 environment installer. According to findings by the cybersecurity and antivirus firm, users are being tricked into downloading the malware from phishing sites posing as the official DeepSeek homepage. “Users of all experience levels look for chatbot websites on search engines, and threat actors h…