DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs.
kaspersky previously reported attacks with malware being spread under the guise of DeepSeek to attract victims. The malicious domains spread through X posts and general browsing. But lately, threat actors have begun using malvertising to exploit the demand for chatbots. For instance, kaspersky researchers have recently discovered a new malicious campaign distributing previously unknown malware through a fake DeepSeek-R1 LLM environment installer. The malware is delivered via a phishing site that masquerades as the official DeepSeek homepage. The website was promoted in the search results via Google Ads.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Konica Minolta bizhub Multifunction Printer: Pass-Back Attack Vulnerability (NOT FIXED)
June 30, 2025
During security testing, Rapid7 discovered that Konica Minolta bizhub 227 Multifunction printers (MFPs) were vulnerable to a pass-back attack. The affected products identified were: Konica Minolta bizhub MFPs Firmware Version: GCQ-Y3 and earlier This issue has been assigned the following CVEs: CVE-2025-6081: LDAP pass-back vulnerability The Konica Minolta bizhub Multifunction printer (MFP) is an all-in-one enterprise printer designed ...
- Bluetooth security flaw could let hackers spy on your device via microphone
June 30, 2025
Security researchers have uncovered three vulnerabilities in a Bluetooth chipset present in dozens of devices from multiple manufacturers. The vulnerabilities, they say, can be exploited to eavesdrop on people’s conversations, steal call history and contacts information, and possibly even deploy malware on vulnerable devices. However, exploiting the flaws for these purposes is quite difficult, so practical ...
- Hackers hijacked hundreds of devices in an outlandish intel campaign aimed at US and Asian targets
June 29, 2025
A recently disclosed cyber espionage operation, dubbed LapDogs, has drawn scrutiny following revelations from SecurityScorecard’s Strike Team. The operation, believed to be conducted by China-aligned threat actors, has quietly infiltrated over 1,000 devices across the United States, Japan, South Korea, Taiwan, and Hong Kong. What makes this campaign distinctive is its use of hijacked SOHO routers ...
- Hacktivist groups led a massive surge in DDoS on US businesses following an attack on Iran
June 28, 2025
An abrupt and massive rise in Distributed Denial of Service (DDoS) attacks against U.S. businesses has coincided with Washington’s involvement in the Israel-Iran conflict. According to Radware’s Director of Threat Intelligence, Pascal Geenens, between June 21 and 22, 2025, hacktivist-led DDoS claims surged by 800%. This dramatic increase was paralleled by a 900% drop in ...
- FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector
June 28, 2025
The FBI and cybersecurity firms are warning that the prolific hacking group known as Scattered Spider is now targeting airlines and the transportation sector. In a brief statement on Friday shared with TechCrunch, the FBI said it had “recently observed” cyberattacks resembling Scattered Spider to include the airline sector. Executives from Google’s cybersecurity unit Mandiant and ...
- AI Goes on Offense: How LLMs Are Redefining the Cybercrime Landscape
June 26, 2025
In their last blog, Rapid7 explored the broader rise of AI-enabled threats across ransomware, phishing, and nation-state operations. Now, they’re narrowing in on a specific piece of that evolution: how cybercriminals are using large language models to scale and automate their tactics. AI in cybersecurity is no longer experimental. It’s embedded in workflows, transforming everything from ...