In this news:
Skip to main content
Tech Radar Pro
Tech Radar Gaming
Tech Radar Pro
TechRadar the business technology experts
Search TechRadar
View Profile
België (Nederlands)
Deutschland
North America
US (English)
Australasia
New Zealand
Expert Insights
Website builders
Web hosting
Best web hosting
Best website builder
Best office chairs
Expert Insights
Fake DeepSeek installers are infecting your device with dangerous malware
Sead Fadilpašić
19 March 2025
Hackers are abusing the fact DeepSeek is also available as a downloadable app
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: Getty Images)
McAfee's researchers find a "cocktail" of malware hiding behind fake DeepSeek apps
The campaign preys on people searching for the generative AI tool
Infostealers, crypto miners, and more, are being deployed this way
The hype around DeepSeek is the next big thing cybercriminals are exploiting in their hacking campaigns, researchers from McAfee Labs are saying.
The team has outlined how they saw cybercriminals setting up various websites, offering different versions of DeepSeek for download. Victims would reach these websites through search engines, meaning that some SEO poisoning was involved in the campaign, as well.
When they reach the websites and download the software, the victims are infected with a “cocktail of malware”, ranging from keyloggers and password stealers, to coin miners. These malware variants can steal sensitive information (including banking credentials and cryptocurrency wallet information), and can force the infected computer to mine cryptocurrency, rendering it useless for pretty much anything else.
You may like
Criminals are spreading malware disguised as DeepSeek AI
Security experts are being targeted with fake malware discoveries
Fake CAPTCHA
While on some websites, the victims are invited to download a DeepSeek app or program, on others - the devil is in the CAPTCHA.
In some cases observed by McAfee, victims would visit a website with a CAPTCHA that can be “solved” by copying and pasting a command into the Run program on Windows. This command just downloads and runs a malware dropper.
To stay safe, you should stay vigilant at all times. Instead of “googling” for something, visit the website directly, and if you don’t know the address, scrutinize every link returned by the search engine.
Furthermore, a real CAPTCHA will never ask you to paste a command into the Run program.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
Hackers are known for tapping into current trends to distribute malware. Similar campaigns were observed when Chat-GPT was first released, both for Windows and Android.
Major events, such as Black Friday and Cyber Monday, the Olympic Games, World Cup, and others, have all been abused in the past. The Covid-19 breakout, Russo-Ukrainian war, and the US presidential elections, all served as platforms for information theft, malware distribution, and wire fraud.
You might also like
Hackers claim Orange attack, threaten to leak 1TB of data
We've rounded up the best password managers
Take a look at our guide to the best authenticator app
Sead Fadilpašić
Social Links Navigation
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Criminals are spreading malware disguised as DeepSeek AI
Security experts are being targeted with fake malware discoveries
Fake CAPTCHAs are being used to spread malware - and we only have ourselves to blame
Hackers hide malware into website images to go unnoticed
DeepSeek ‘incredibly vulnerable’ to attacks, research claims
CrowdStrike warns of fake job offer scam that is actually just malware
Latest in Security
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
Fake DeepSeek installers are infecting your device with dangerous malware
Not even fairy tales are safe - researchers weaponise bedtime stories to jailbreak AI chatbots and create malware
Top California sperm bank suffers embarrassing leak
These malicious Android apps were installed over 60 million times - here's how to stay safe
Billions of credentials were stolen from businesses around the world in 2024
Latest in News
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
Google is delaying the Pixel 9a to fix a mystery “component quality issue”
Google Messages remote delete will soon save you from texting embarrassment – and here's how it works
ExpressVPN ‘reduces workforce’ for the second time in two years
Mac gaming could get an intriguing boost – but not in the way you'd expect
Qualcomm poised to muscle in on AMD's territory with powerful gaming handheld processors
More about security
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
Top California sperm bank suffers embarrassing leak
This is the world's first sodium-ion mobile battery, a game changer in environmental sustainability, but it's not cheap
See more latest
Most Popular
This is the world's first sodium-ion mobile battery, a game changer in environmental sustainability, but it's not cheap
Google Messages remote delete will soon save you from texting embarrassment – and here's how it works
Microsoft is MIA as Amazon, Meta, Google and others join consortium to triple nuclear energy output by 2050
Thrustmaster announces the Sol-R 1 and Sol-R 2 HOSAS flight sticks designed for space sims like Elite Dangerous
It's not perfect, but Assassin's Creed Shadows' performance is impressive - it runs smoothly on the Steam Deck and Asus ROG Ally
Google is delaying the Pixel 9a to fix a mystery “component quality issue”
A worrying Apple Password App vulnerability reportedlyleft users exposed for months
Exclusive: the new KontrolFreek Call of Duty Performance Thumbsticks Speed Cola Edition might be the coolest looking yet and come with a limited in-game item
Prime Video’s hit new historical drama will continue its reign for another season as House of David gets renewed
ExpressVPN ‘reduces workforce’ for the second time in two years
LATEST ARTICLES
This is the world's first sodium-ion mobile battery, a game changer in environmental sustainability, but it's not cheap
I tested this cheap triple-port charger from Belkin and it’s perfectly sized for any nook and cranny
The EU wants Apple to open iOS to competitors and this is the mother of all bad ideas
Google Messages remote delete will soon save you from texting embarrassment – and here's how it works
ChatGPT helped me pick my March Madness bracket - I doubt I’ll win, but if I do I owe AI a chunk of that $1 million cash prize
TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.
Contact Future's experts
Terms and conditions
Privacy policy
Cookies policy
Advertise with us
Web notifications
Accessibility Statement
Future US, Inc. Full 7th Floor, 130 West 42nd Street,
Please login or signup to comment
Please wait...
.png)
