Cybercriminals are exploiting the rising popularity of the Chinese AI reasoning model DeepSeek through phishing campaigns, malware deployments, and lookalike websites. They are luring users into downloading malware disguised as the AI model, and creating fraudulent investment opportunities or bogus pre-IPO shares to extract financial information. DeepSeek's security vulnerabilities and data collection practices have also triggered scrutiny from authorities. Experts suggest user vigilance, secure browsing, and two-factor authentication for protection against such threats.
Novel SSH backdoor leveraged in Chinese cyberespionage attacks
Attacks with the new Coyote trojan variant use an LNK file to execute a PowerShell command, which helps retrieve a PowerShell script for launching the trojan.