Cybercriminals are cloning DeepSeek AI website to ship malware

The post Cybercriminals are cloning DeepSeek AI website to ship malware appeared first on Android Headlines.

Mar 11, 2025 - 18:40

Cybercriminals are using a variety of methods to compromise the private data or credentials of potential victims online. One of the most popular methods is cloning legitimate services. Malicious actors are no strangers to the huge popularity of DeepSeek, the new artificial intelligence that is on everyone’s lips. Researchers have discovered a malware campaign where attackers impersonate DeepSeek AI.

While campaigns based on cloning popular platforms are quite common, this time the perpetrators have added a layer of sophistication. The campaign uses both coordinated bots and geofencing (displaying specific content according to your location) to try to get users to access a fake DeepSeek AI website.

DeepSeek AI clones, the new way for attackers to install malware on your PC

According to Kaspersky researchers, the criminals created several DeepSeek clone websites. The websites check the IP addresses of those who access them. In this way, some users receive malicious content, and others receive “normal” content. This helps create the image that the website is legitimate among folks who did not receive malicious content. Their experiences could help convince other people (to whom the website will send malicious content) to access it.

The main goal of the campaign is to get people to download a supposed DeepSeek desktop client. As you might imagine, the client is actually malware that gives the attackers unauthorized remote access to your PC.

The report indicates that the attackers even hijacked legitimate accounts with many followers. One of the affected accounts belongs to an Australian company. The cybercriminals then promoted the malicious website through those accounts. Meanwhile, a network of bots commented and shared the posts promoting the DeepSeek clones.

“This campaign demonstrates notable sophistication beyond typical social engineering attacks,” said Vasily Kolesnikov, senior malware analyst at Kaspersky Threat Research. “Attackers exploited the current hype around generative AI technology, skillfully combining targeted geofencing, compromised business accounts and orchestrated bot amplification to reach a substantial audience while carefully evading cybersecurity defenses,” he added.

Due to attacks of this nature, it’s important to be careful which links you click on. Don’t trust just any post promoting links to a supposedly legitimate popular service. If you really want to access a website, find the URL by yourself. By trusting third-party links, you expose yourself to potential account breaches. Additionally, downloading malware from fake websites could give someone else control of your PC.
