Close Menu
  • Home
  • Identity
  • Inventions
  • Future
  • Science
  • Startups
  • Spanish
What's Hot

A critical MCP-Remote vulnerability allows remote code execution, affecting over 437,000 downloads

ICEX Forum 2025 Opens: FySelf’s TwinH Showcases AI Innovation

Fake Games and AI Companies Push Malware to Cryptocurrency Users via Telegram and Discord

Facebook X (Twitter) Instagram
  • Home
  • About Us
  • Advertise with Us
  • Contact Us
  • DMCA
  • Privacy Policy
  • Terms & Conditions
  • User-Submitted Posts
Facebook X (Twitter) Instagram
Fyself News
  • Home
  • Identity
  • Inventions
  • Future
  • Science
  • Startups
  • Spanish
Fyself News
Home » The DeepSeek app sends sensitive user and device data without encryption
Identity

The DeepSeek app sends sensitive user and device data without encryption

userBy userFebruary 7, 2025No Comments3 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

February 7, 2025Ravi LakshmananMobile Security/Artificial Intelligence

A new audit of DeepSeek’s mobile app for the Apple IOS operating system has discovered obvious security issues. This is the exposure to encryption and manipulation attacks, sending sensitive data over the Internet, and exposing it to the internet and manipulation attacks.

The rating comes from Nowsecure, and we found that the app fails to adhere to the best security practices and collects data from a wide range of users and devices.

“The DeepSeek iOS app sends mobile app registrations and device data over the Internet without encryption,” the company said. “This exposes the data in your internet traffic to both passive and active attacks.”

The fragments also revealed some of the weaknesses of implementations regarding the application of encryption to user data. This includes using insecure symmetric encryption algorithms (3DES), hard-coded encryption keys, and reuse of initialization vectors.

Cybersecurity

Additionally, this data is sent to servers managed by the Cloud Compute and Storage platform, owned by Bytedance, the Chinese company that runs Tiktok.

“The DeepSeek iOS app globally disables APP Transport Security (ATS), an IOS platform-level protection that prevents sensitive data from being transmitted over unencrypted channels,” says Nowsecure. . “This protection is disabled so apps can (and do) send unencrypted data over the Internet.”

The findings have been added to the growing list of concerns raised around the Artificial Intelligence (AI) chatbot services, even if they spike at the top of the App Store chart on both Android and iOS in several markets around the world. Masu.

Cybersecurity company checkpoint leverages Deepseek’s AI engine alongside Alibaba Qwen and Openai ChatGpt to develop information steelers, generate uncensored or unlimited content, and optimize scripts for large spam distributions To this point, he said he observed instances of threat actors that are leveraging Deepseek’s AI engine.

“Threat targets will use advanced technologies such as bypassing protection measures and breaking away from information theft and breaking away to develop spam distribution, so organizations will implement aggressive defenses against these evolving threats. “The urgency for this ensures a robust defense against the potential misuse of AI technology.”

Earlier this week, the Associated Press revealed that DeepSeek’s website is configured to send user login information to China Mobile, a state-owned telecommunications company that is prohibited from operating in the US. .

Similar to Tiktok, the Chinese link in the app has urged US lawmakers to push for a nationwide ban on Deepseek from government equipment over the risk that it could provide user information to Beijing.

Cybersecurity

It is worth noting that several countries, including Australia, Italy, the Netherlands, Taiwan, and South Korea, as well as US government agencies such as India, Congress, NASA, Navy, Pentagon and Texas, have enacted bans on deep stakes. Masu. From government devices.

Deepseek’s explosion into popularity has also led to a fight against malicious attacks, and Chinese cybersecurity firm XLAB told Global Times that the service gave birth to Mirai Botnets Hailbot and Rapperbot late last month, a sustained dispersal denial (DDO) ) It tells you that you are being exposed to attack.

Meanwhile, cybercriminals are not wasting their time using the enthusiastic pages around Deepseek to set up pages that look like they’ll propagate malware, fake investment scams and fraudulent cryptocurrency schemes. .

Did you find this article interesting? Follow us on Twitter and LinkedIn to read exclusive content you post.

Source link

Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous ArticleInvesting $40 billion in SoftBank Openai at a valuation of $260 billion, report
Next Article Israeli Army destroys Jenin’s house and continues raids on the West Bank | Occupy West Bank News
user
  • Website

Related Posts

A critical MCP-Remote vulnerability allows remote code execution, affecting over 437,000 downloads

July 10, 2025

ICEX Forum 2025 Opens: FySelf’s TwinH Showcases AI Innovation

July 10, 2025

Fake Games and AI Companies Push Malware to Cryptocurrency Users via Telegram and Discord

July 10, 2025
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

A critical MCP-Remote vulnerability allows remote code execution, affecting over 437,000 downloads

ICEX Forum 2025 Opens: FySelf’s TwinH Showcases AI Innovation

Fake Games and AI Companies Push Malware to Cryptocurrency Users via Telegram and Discord

LGND wants to make ChatGpt for the Earth

Trending Posts

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to Fyself News, your go-to platform for the latest in tech, startups, inventions, sustainability, and fintech! We are a passionate team of enthusiasts committed to bringing you timely, insightful, and accurate information on the most pressing developments across these industries. Whether you’re an entrepreneur, investor, or just someone curious about the future of technology and innovation, Fyself News has something for you.

ICEX Forum 2025 Opens: FySelf’s TwinH Showcases AI Innovation

The Future of Process Automation is Here: Meet TwinH

Robots Play Football in Beijing: A Glimpse into China’s Ambitious AI Future

TwinH: A New Frontier in the Pursuit of Immortality?

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About Us
  • Advertise with Us
  • Contact Us
  • DMCA
  • Privacy Policy
  • Terms & Conditions
  • User-Submitted Posts
© 2025 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.