DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs.
kaspersky previously reported attacks with malware being spread under the guise of DeepSeek to attract victims. The malicious domains spread through X posts and general browsing. But lately, threat actors have begun using malvertising to exploit the demand for chatbots. For instance, kaspersky researchers have recently discovered a new malicious campaign distributing previously unknown malware through a fake DeepSeek-R1 LLM environment installer. The malware is delivered via a phishing site that masquerades as the official DeepSeek homepage. The website was promoted in the search results via Google Ads.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Fake Google Chrome Website Tricks Users into Installing Malware
November 22, 2024
Google Chrome is the most widely used web browser in the world, and this dominance makes it a great vector for cybercriminals to use to spread malware to unsuspecting users. The SonicWall Capture Labs threat research team recently found what appears to be a legitimate website where a user can download and install Google Chrome. But ...
- Ford denies it was hit by data breach, says customer data is safe
November 22, 2024
Ford has denied suffering a data breach frecently, saying the information circulating around the web belongs to a third party and is, for the most part, publicly available. A known leaker with the alias EnergyWeaponUser recently posted a new thread on BreachForums, claiming to be sharing Ford’s data for free. “Today, I have uploaded the Ford ...
- Andrew Tate ‘online university’ suffers breach: 800,000 users’ data exposed
November 22, 2024
Far-right influencer and self-described misogynist Andrew Tate has become the target of an anonymous hacktivist group. Sensitive data from hundreds of thousands of subscribers to Tate’s “online university” was stolen. On Thursday, hackers announced their breach of Tate’s “The Real World” website by flooding the private members’ chatroom with pro-feminist emojis and transgender pride flags, as ...
- Update now – Apple confirms vulnerabilities are already being exploited
November 20, 2024
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS. The updates for iOS and Intel-based Mac systems are especially important, as they tackle vulnerabilities that are being actively exploited by cybercriminals. You should make sure you update as soon as you can. To check if you’re using ...
- Fintech giant Finastra confirms it’s investigating a data breach
November 20, 2024
Finastra, a London-based financial software company that serves most of the world’s top banks, has confirmed it’s investigating a data breach after a hacker claimed a compromise of the company’s internal file-transfer platform. In a statement given to TechCrunch, Finastra spokesperson Sofia Romano confirmed the fintech giant detected what it calls “suspicious activity” related to an ...
- Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware
November 20, 2024
Unit 42 researchers have observed an increase in BlackSuit ransomware activity beginning in March 2024 that suggests a ramp up of operations. This threat emerged as a rebrand of Royal ransomware, which occurred in May 2023. Unit 42 tracks the group behind this threat as Ignoble Scorpius. Since the rebrand, Unit 42 has observed at least ...