Criminals distribute malware disguised as DeepSeek AI.

Experts have warned of a new cybercrime campaign that exploits the growing interest in Deepseek, an innovative artificial intelligence system. Criminals have created multiple fake websites that mimic the original Deepseek page, distributing malware under a deceptive guise. This activity has been supported by a promotional campaign on X, which generated over a million views.

Kaspersky researchers have detected a sophisticated approach in this campaign, which includes compromised X accounts, coordinated bot activity, and geofencing techniques. The fraudulent sites are designed to analyze the IP address of each visitor, allowing them to modify the content displayed based on the geographic location of the person accessing it. Thus, some users are exposed to malicious content while others see harmless information.

Among the methods used by the attackers is the use of fake Deepseek software, which grants criminals unauthorized remote access to the victims' devices. They have also stolen an X account belonging to a legitimate Australian company, from which they have advertised the fraudulent sites. With the help of a network of bots, they have amplified their message, achieving considerable visibility.

Vasily Kolesnikov, a senior malware analyst at Kaspersky Threat Research, indicated that the campaign presents a level of sophistication significantly higher than typical social engineering attacks. The attackers have effectively exploited the surge of interest in generative artificial intelligence technology, effectively combining geofencing, compromised business accounts, and orchestrated bot amplification to reach a wide audience and evade cybersecurity defenses.

This scenario highlights that internet popularity does not always translate into legitimacy. Cybercriminals are honing their techniques to simulate engagement, inflate download figures, and write fraudulent positive reviews. To stay safe online, it is essential to maintain a constant level of vigilance. It is recommended to download software only from legitimate sources, meticulously verifying URLs. Additionally, having a security program installed and keeping software updated is crucial.