DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs.
kaspersky previously reported attacks with malware being spread under the guise of DeepSeek to attract victims. The malicious domains spread through X posts and general browsing. But lately, threat actors have begun using malvertising to exploit the demand for chatbots. For instance, kaspersky researchers have recently discovered a new malicious campaign distributing previously unknown malware through a fake DeepSeek-R1 LLM environment installer. The malware is delivered via a phishing site that masquerades as the official DeepSeek homepage. The website was promoted in the search results via Google Ads.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Wyze reports a new data breach
March 6, 2024
Security cameras have become very popular for people to plug into their home network, hoping this with deter burglars (or should a robbery happen, that some footage of the event will be captured). Yet how secure is the digital image data? Recently, Wyze users encountered a camera breach with the cybersecurity incident impacting some 13,000 users. ...
- Ontario: City of Hamilton confirms ransomware is behind cyber attack
March 5, 2024
Ransomware is behind the cyber attack on the city of Hamilton, Ont., the municipality’s city manager says. Marnie Cluckie told reporters Monday afternoon that the attack, which was detected the evening of Sunday, Feb. 25, was the result of ransomware. She wouldn’t say what strain of the malware the city has been hit with, how long ...
- Hacker forum post claims UnitedHealth paid $22 mln ransom in bid to recover data
March 5, 2024
A post on a hacker forum popular with cybercriminals has claimed UnitedHealth Group opens new tab paid $22 million in a bid to recover access to data and systems encrypted by the “Blackcat” ransomware gang, according to two researchers. Neither UnitedHealth nor the hackers involved have commented on the alleged ransom payment, but a cryptocurrency tracing ...
- Network tunneling with… QEMU?
March 5, 2024
While investigating an incident at a large company a few months ago, kaspersky researchers detected uncommon malicious activity inside one of the systems. They ran an analysis on the artifacts, only to find that the adversary had deployed and launched the following: The Angry IP Scanner network scanning utility The mimikatz password, hash, and Kerberos ticket extractor, and ...
- US airman pleads guilty to leaking classified documents
March 5, 2024
Jack Teixeira, a member of the Massachusetts Air National Guard charged with leaking classified military documents on a social media platform, pleaded guilty on Monday to carrying out one of the most serious U.S. national security breaches in years. The 22-year-old pleaded guilty to six counts of willful retention and transmission of classified information relating to ...
- Iran foiled nearly 200 cyber-attacks in month to elections
March 5, 2024
Head of Iran’s Civil Defense Organization Brigadier General Gholamreza Jalali says Iran has foiled nearly 200 cyber-attacks in the month leading up to the recent parliamentary elections. In an interview with Iranian television on Monday, Jalali said some 4 or 5 major cyber-attacks were carried out during the same period but were foiled by the experts ...