DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs.
kaspersky previously reported attacks with malware being spread under the guise of DeepSeek to attract victims. The malicious domains spread through X posts and general browsing. But lately, threat actors have begun using malvertising to exploit the demand for chatbots. For instance, kaspersky researchers have recently discovered a new malicious campaign distributing previously unknown malware through a fake DeepSeek-R1 LLM environment installer. The malware is delivered via a phishing site that masquerades as the official DeepSeek homepage. The website was promoted in the search results via Google Ads.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- China drafts ‘quantum-proof’ protocol to defend against advanced cyber attacks
October 30, 2024
Scientists from China are aiming to create a communication protocol which can help protect traditional encryption methods from quantum computer attacks. Chinese scientists recently presented a draft document at an internal event held in Sweden which showed their attempts at making a ‘quantum-proof’ communication protocol. Once ready, the protocol will help agencies and governments across the ...
- The Importance of Asset Context in Attack Surface Management.
October 30, 2024
This is the last of the four blogs (Help, I can’t see! A Primer for Attack Surface Management Blog Series, The Main Components of an Attack Surface Management (ASM) Strategy, and Understanding your Attack Surface: Different Approaches to Asset Discovery) covering the foundational elements of Attack Surface Management (ASM), and this topic covers one of ...
- Scammers Exploit 2024 US General Election to Perpetrate Multiple Fraud Schemes
October 29, 2024
The FBI is warning the public about scammers exploiting the 2024 US General election to perpetrate multiple types of financial fraud schemes. These scams target victims across the United States and have previously exploited state and local elections for similar scams. Scammers use the names, images, logos, and slogans of candidates to fraudulently solicit campaign contributions, ...
- Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
October 29, 2024
Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will continue to investigate and provide updates as available. Based on our investigation of previous Midnight Blizzard ...
- France: Free ISP announces data breach, millions of users possibly affected
October 29, 2024
One of the biggest internet service providers (ISP) in France has confirmed suffering a cyberattack that saw it lose sensitive customer data. A threat actor alias “drusselx” opened a new thread on the infamous Breach forums, advertising a major database for sale, claiming it contains data on 19.2 million Free customers, and holds more than 5.11 ...
- Hackers breach sensitive government and police data in Italy
October 28, 2024
Prosecutors in Milan have uncovered a network of hackers and former law enforcement officials accused of using malware and insider contacts to break into several government databases, including the Interior Ministry. The group allegedly accessed over 800,000 confidential records, even targeting accounts linked to the president’s office. Prosecutors said on Saturday that the operation was allegedly ...