Caution: An installer offered as DeepSeek might be harmful malware. Exercise caution during installation.
Heads Up: Fake DeepSeek App Circulating Through Google Ads - Here's What You Need to Know
Crack open a cold one as we delve into some cybersecurity shenanigans! Researchers from Kaspersky have uncovered a nefarious scheme in which scammers impersonate the popular AI tool DeepSeek through Google Ads, all in an attempt to install stealthy malware called BrowserVenom onto your computer.
The Lowdown on BrowserVenom
These crafty cybercriminals have set up a bogus DeepSeek-R1 website, which acts as a carrier for two legitimate software programs, Ollama and LM Studio, that allow users to run large language models (LLMs) locally, without an internet connection. Sounds innocuous enough, right? Well, it's not! Hidden within these two programs is a sneaky piece of malware called BrowserVenom.
When you download and execute this malware-laden package, BrowserVenom slides into your computer's system while pretending to be just another software installation process. In essence, it reconfigures all your web browsers to channel ALL traffic through an attacker-controlled server. That means any sensitive data, like logins, passwords, and financial information, could end up in the wrong hands before you even realize what's happening.
There is one limit on its reach: BrowserVenom only targets Windows users. To reach unsuspecting victims, it employs a special algorithm to bypass Windows Defender's initial protection. However, keep in mind that it requires administrative privileges on the Windows user profile to run at all.
So, where did all these unsuspecting users hail from? Well, most of them were found in Brazil, Cuba, Mexico, India, Nepal, South Africa, and Egypt, according to Kaspersky's research. The number of affected individuals remains undisclosed.
A Warning from the Wise
Lisandro Ubiedo, a Security Researcher at Kaspersky, warned users not to let the "privacy benefits" of offline AI tools lure them into using unverified sources. He stressed that cybercriminals are increasingly abusing the popularity of open-source AI tools by distributing malicious packages and fake installers. These underhanded tactics often result in malware, keyloggers, cryptominers, or infostealers, all geared to pilfer users' sensitive data.
Take a Proactive Stance Against BrowserVenom
To protect yourself from crafty malware like BrowserVenom, always download software from a verified source, double-check file names, and keep your antivirus software up to date. After all, as the old adage goes - an ounce of prevention is worth a pound of cure!
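Because the threat described above works by rerouting browser traffic through a proxy, a read-only check of where Windows browsers take their proxy settings from is a useful follow-up. The script below is an added example, not code from this article or from Kaspersky's research; the locations it inspects are common proxy configuration points in general, not a confirmed list of what BrowserVenom modifies, and `$AllowedProxies` is a hypothetical allowlist you fill in yourself.

```powershell
# Added example: read-only audit of common browser proxy settings on Windows.
# $AllowedProxies is a hypothetical allowlist; the sample entry is a placeholder.
$AllowedProxies = @()   # e.g. 'proxy.corp.example:8080'

function Test-ProxyValue {
    param([string]$Source, [string]$Value)
    if ([string]::IsNullOrWhiteSpace($Value)) { return }
    $known = $false
    foreach ($p in $AllowedProxies) { if ($Value -like "*$p*") { $known = $true } }
    [pscustomobject]@{ Source = $Source; Value = $Value; Expected = $known }
}

$findings = @(
    # 1. Per-user system proxy (WinINET), followed by browsers set to "use system proxy".
    $key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $inet = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if ($inet.ProxyEnable -eq 1) { Test-ProxyValue 'WinINET ProxyServer' $inet.ProxyServer }
    Test-ProxyValue 'WinINET AutoConfigURL' $inet.AutoConfigURL

    # 2. Browser shortcuts carrying Chromium proxy switches in their arguments.
    $shell = New-Object -ComObject WScript.Shell
    $dirs  = @(
        [Environment]::GetFolderPath('Desktop'),
        [Environment]::GetFolderPath('CommonDesktopDirectory'),
        [Environment]::GetFolderPath('StartMenu'),
        [Environment]::GetFolderPath('CommonStartMenu'),
        "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch"
    )
    Get-ChildItem -Path $dirs -Filter *.lnk -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $lnk = $shell.CreateShortcut($_.FullName)
            if ($lnk.Arguments -match '--proxy-(server|pac-url)=\S+') {
                Test-ProxyValue "Shortcut $($_.FullName)" $Matches[0]
            }
        }

    # 3. Firefox profiles: proxy host and PAC URL preferences stored in prefs.js.
    $pattern = 'user_pref\("network\.proxy\.(http|ssl|socks|autoconfig_url)",\s*"([^"]+)"\)'
    Get-ChildItem "$env:APPDATA\Mozilla\Firefox\Profiles" -Filter prefs.js -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_.FullName
            Select-String -Path $file -Pattern $pattern |
                ForEach-Object { Test-ProxyValue "Firefox $file" $_.Matches[0].Groups[2].Value }
        }
)

# Anything not on the allowlist deserves a closer look.
$findings | Where-Object { -not $_.Expected } | Format-Table -AutoSize -Wrap
```

An empty result means none of these locations sets a proxy outside your allowlist; it does not cover machine-wide browser policies or other configuration paths.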
Stay vigilant regarding your cybersecurity, as malware like BrowserVenom disguises itself within AI tools, such as DeepSeek, and is distributed through deceptive advertising. Regularly update your antivirus software and verify software sources to safeguard your computer from such threats.