Threat Actors Use Fake DeepSeek Websites in Malicious Campaigns

Numerous fake DeepSeek websites have been spotted in new malicious campaigns that employ crypto theft, phishing, and scams against unsuspecting targets.

Researcher spots rogue DeepSeek websites used for malicious purposes

Dozens of websites mimicking the popular artificial intelligence service DeepSeek have been spotted in new malicious campaigns.

According to SecurityWeek, researcher Dominic Alvieri, who made the startling discovery, had identified more than 50 such sites as of Wednesday. Further analysis also unearthed more than 1,000 dormant domains believed to be part of the same deceitful campaign.

Devious tactics uncovered

Threat actors employ various malicious mechanisms on the fake DeepSeek websites, including credential harvesting, phishing, crypto theft and other forms of scam.

According to Alvieri’s findings, some phony websites, such as deepseek-login[.]com, are hosted on domains meant to trick visitors into handing over their credentials.

However, credential hunting is the tip of the iceberg. Some perpetrators inject cryptocurrency wallet drainers into rogue DeepSeek websites, some use them to promote token scams, and others offer downloadable DeepSeek apps believed to harbor malicious code.

Convincing clones may trick even vigilant users

While some websites can be easily spotted as fake due to a lack of effort put into replicating them, others are worryingly convincing replicas that could deceive even the most vigilant of eyes.

Reportedly, the perceived legitimacy of these clones seems to be increasing, as significant improvements in clone quality have been spotted from one week to another.

According to Alvieri, several cybersecurity community members, including himself, managed to shut down some of the rogue websites, but numerous new ones emerged only a day later.

Safeguarding against scams and other cyber threats

As threat actors constantly try to turn the online realm into their personal playground, the importance of staying safe from their tactics cannot be understated.

Dedicated software like Bitdefender Ultimate Security can shield you from scams, malware, and other digital threats, including viruses, Trojans, worms, zero-day exploits, ransomware, and spyware.

It encompasses various relevant features such as anti-phishing and anti-scam modules, network threat prevention, behavioral detection to monitor active apps, cryptomining protection, web attack prevention, and AI-powered scam protection.