• Criminals are spreading m

    From Mike Powell@1:2320/105 to All on Tue Mar 11 08:38:00 2025
    Criminals are spreading malware disguised as DeepSeek AI

    Date:
    Tue, 11 Mar 2025 11:05:14 +0000

    Description:
    Huge advertising campaign on X is promoting malware posing as DeepSeek.

    FULL STORY ======================================================================
    - Fake DeepSeek websites are popping up and distributing malware
    - The sites are followed by a huge promotion campaign on X
    - The campaign generated more than a million views, experts warn

    Cybercriminals are taking advantage of the hype surrounding AI hot-shot DeepSeek to trick people into downloading malware, while evading scrutiny
    from security analysts, experts have warned.

    Researchers at Kaspersky recently observed a sophisticated campaign
    consisting of compromised X accounts, coordinated bot activity, and
    geofencing.

    The researchers said the cybercriminals created multiple websites to mimic
    the original DeepSeek page. They set the pages up in such a way that they analyzed every visitor's IP address and altered the content dynamically,
    based on the location of the visitor. That way, they were able to display malicious content to some people, and benign content to others.

    The targets were shown fake DeepSeek software which granted the attackers
    full remote unauthorized access to their computers.

    The hackers also turned to advertising: they stole an X account belonging to a legitimate Australian company and posted content that promoted the fake websites. They used a network of X bots to comment and share the content, generating more than a million views on the microblogging platform.

    "Notable sophistication"

    "This campaign demonstrates notable sophistication beyond typical social engineering attacks," explained Vasily Kolesnikov, senior malware analyst at Kaspersky Threat Research.

    "Attackers exploited the current hype around generative AI technology, skillfully combining targeted geofencing, compromised business accounts and orchestrated bot amplification to reach a substantial audience while
    carefully evading cybersecurity defenses."

    This is further proof that internet buzz does not translate to
    legitimacy. Cybercriminals are getting better at faking engagement, inflating download numbers, and writing fraudulent positive reviews.

    To remain safe on the internet, one must be vigilant at all times. "Do not
    trust, verify" should be the mantra, as scam campaigns get more
    sophisticated and more difficult to spot.

    Software should always be downloaded from legitimate sources, whose URLs need to be checked meticulously. Finally, one should have a security program set
    up, and should keep their software up to date at all times.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/criminals-are-spreading-malware-disguised-as-deepseek-ai

    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
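
The geofenced delivery described in the story (different content served depending on the visitor's IP location) can be spotted by fetching the same URL from several vantage points and comparing what comes back. The following is an added example, not part of the original post or of Kaspersky's tooling; the captured pages, region labels and file path are constructed for illustration.

```python
import re
from collections import Counter
from difflib import SequenceMatcher

# Constructed captures: the same URL fetched from three vantage points.
# "XX" is a placeholder region label; the story does not name targeted regions.
CAPTURES = {
    "US": '<html><h1>DeepSeek</h1><p>Chat with our model online.</p><a href="/about">About</a></html>',
    "DE": '<html><h1>DeepSeek</h1><p>Chat with our model online.</p><a href="/about">About</a></html>',
    "XX": '<html><h1>DeepSeek</h1><p>Download the desktop client.</p><a href="/files/setup.exe">Download</a></html>',
}

# File types that indicate a software download rather than a web page.
DOWNLOAD_EXT = (".exe", ".msi", ".zip", ".dmg", ".scr", ".iso")

def download_links(html):
    """Return href targets that point at installer or archive files."""
    hrefs = re.findall(r'href=["\']([^"\']+)["\']', html, flags=re.I)
    return {h for h in hrefs if h.lower().split("?")[0].endswith(DOWNLOAD_EXT)}

def text_of(html):
    """Strip tags and collapse whitespace so only visible text is compared."""
    return " ".join(re.sub(r"<[^>]+>", " ", html).split()).lower()

def cloaking_report(captures, min_similarity=0.9):
    """Flag regions whose page diverges from the most common (baseline) view."""
    texts = {region: text_of(html) for region, html in captures.items()}
    baseline_text = Counter(texts.values()).most_common(1)[0][0]
    baseline_region = next(r for r, t in texts.items() if t == baseline_text)
    baseline_downloads = download_links(captures[baseline_region])
    report = {}
    for region, html in captures.items():
        similarity = SequenceMatcher(None, baseline_text, texts[region]).ratio()
        extra = download_links(html) - baseline_downloads
        # Divergent text or download links seen only from this region.
        if similarity < min_similarity or extra:
            report[region] = {
                "similarity": round(similarity, 2),
                "extra_downloads": sorted(extra),
            }
    return report

if __name__ == "__main__":
    for region, finding in cloaking_report(CAPTURES).items():
        print(region, finding)
```

If the malicious view happens to be the majority among the vantage points sampled, the benign regions are the ones flagged; either way, divergence between regions is the signal to investigate.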