DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs.
kaspersky previously reported attacks with malware being spread under the guise of DeepSeek to attract victims. The malicious domains spread through X posts and general browsing. But lately, threat actors have begun using malvertising to exploit the demand for chatbots. For instance, kaspersky researchers have recently discovered a new malicious campaign distributing previously unknown malware through a fake DeepSeek-R1 LLM environment installer. The malware is delivered via a phishing site that masquerades as the official DeepSeek homepage. The website was promoted in the search results via Google Ads.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- MediSecure reveals 12.9 million Australians had personal data stolen in cyber attack earlier this year
July 18, 2024
eScript provider MediSecure has revealed the personal data of 12.9 million Australians was stolen by hackers earlier this year, making it one of the largest cyber breaches in Australian history. MediSecure, which facilitates electronic prescriptions and dispensing, confirmed it was the victim of a large-scale data breach in May. The company had previously not disclosed how ...
- Dark Web Shows Cybercriminals Ready for Olympics. Are You?
July 17, 2024
Major sporting events like the World Cup, Super Bowl, and Wimbledon attract millions, even billions, of viewers. Argentina’s shootout win over France in the final game of the Qatar 2022 World Cup reached a global audience of 1.5 billion viewers. And the Olympics, starting later this month in Paris, is the biggest of them all—with the ...
- New Attack Technique GrimResource Sweeps Through China with Fake Website
July 17, 2024
QiAnXin Threat Intelligence Center and Falcon Operations Team observed in their daily operations that in June 2024, several foreign counterparts reported in-the-wild attacks related to the new attack technique GrimResource. QiAnXin Threat Intelligence Center and Falcon Operations Team promptly conducted research on this technique and have been continuously monitoring it. In mid-July 2024, they discovered the ...
- Student who created malware worth £45k while living with parents is jailed
July 17, 2024
A university student who created malware targeting government websites while living with his parents has been jailed. Amar Tagore, 21, a third year university student, offered buyers malware (malicious software) to disrupt corporate and state-run websites, while living with his parents in Alexandria, West Dunbartonshire. He supplied a tool used by hundreds of online customers to ...
- London council slammed for ‘severe’ data breach in ‘avoidable’ cyber attack
July 17, 2024
Britain’s data watchdog has lambasted London’s Hackney Council for a cyber attack that “severely” impacted residents, saying the breach was “a clear and avoidable error.” In October 2020, hackers infiltrated Hackney’s systems, accessing, encrypting, and in some instances exfiltrating personal data. The compromised information included residents’ names, addresses, racial or ethnic origins, religious beliefs, sexual orientations, ...
- New Bugsleep Backdoor Deployed In Recent Muddywater Campaigns
July 15, 2024
MuddyWater, an Iranian threat group affiliated with the Ministry of Intelligence and Security (MOIS), is known to be active since at least 2017. During the last year, MuddyWater engaged in widespread phishing campaigns targeting the Middle East, with a particular focus on Israel. Since October 2023, the actors’ activities have increased significantly. Their methods remain consistent, ...