Thursday, July 16, 2026
  • About
  • Advertise
  • Careers
  • Contact
NewsTrendsKE
  • Business
    • Deals
  • OpEds
  • Sustainability
  • Women in Business
  • Lifestyle
  • Featured
  • Technology
    • Phones
  • Sports
  • World
  • Contact Us
No Result
View All Result
NewsTrendsKE
No Result
View All Result

Home » Technology » Kaspersky uncovers sophisticated deception campaign using DeepSeek AI as bait

Kaspersky uncovers sophisticated deception campaign using DeepSeek AI as bait

Queen Amber by Queen Amber
1 year ago
in Technology
Reading Time: 3 mins read
A A
Share on FacebookShare on TwitterShare on WhatsApp
Kaspersky

Security researchers at Kaspersky (www.Kaspersky.co.in/) have revealed how cybercriminals used geofencing, compromised business accounts and coordinated bot networks to distribute malware disguised as DeepSeek AI software, generating over 1.2 million views on X.

Also Read

NewsTrendsKE with APO News Updates

Government Seeks Shs16 Billion Tax Waivers for Local Companies

15 July 2026
NewsTrendsKE with APO News Updates

African Petroleum Producers’ Organization (APPO) National Oil Companies (NOC)-Chief Executive Officer (CEO) Forum Set to Chart Africa’s Next Phase of Energy Growth in Cape Town this October

15 July 2026
Load More

Kaspersky’s Threat Research and AI Technology Research have jointly identified a sophisticated deception campaign exploiting the rapid growth and public interest surrounding DeepSeek AI — a popular generative AI chatbot — in order to distribute malware through fraudulent websites.

In their investigation, Kaspersky researchers revealed that cybercriminals established deceptive replicas of the official DeepSeek website, using domain names like “deepseek-pc-ai[.]com” and “deepseek-ai-soft[.]com.” A distinctive feature of this campaign was its use of geofencing technology, where malicious websites examine each visitor’s IP address and dynamically alter content presentation based on geographic location, enabling attackers to fine-tune their approach and reduce detection risks.

“This campaign demonstrates notable sophistication beyond typical social engineering attacks,” explained Vasily Kolesnikov, senior malware analyst at Kaspersky Threat Research. “Attackers exploited the current hype around generative AI technology, skillfully combining targeted geofencing, compromised business accounts and orchestrated bot amplification to reach a substantial audience while carefully evading cybersecurity defenses.”

According to Kaspersky’s analysis, the campaign’s primary distribution channel was the social media platform X. Attackers strategically compromised the social media account of a legitimate Australian company to widely disseminate fraudulent links. This single malicious post drew significant attention, reaching approximately 1.2 million impressions and generating hundreds of reposts. Researchers determined that these reposts largely originated from coordinated bot accounts — evident due to their similar naming conventions and profile characteristics — indicating a deliberate amplification of the malicious content.

Visitors lured to the fraudulent websites were directed to download a fabricated DeepSeek client application. Instead of the authentic software, these sites delivered malicious installers using the Inno Setup installation platform. Once executed, these compromised installers attempted to contact remote command-and-control servers to retrieve Base64-encoded PowerShell scripts. These scripts subsequently activated Windows’ built-in SSH service, reconfigured it with attacker-controlled keys and enabled full remote unauthorised access to compromised systems.

All malware payloads connected to this campaign are proactively identified and blocked by Kaspersky security products such as Trojan-Downloader.Win32.TookPS.* variants.

To remain secure, Kaspersky advises people to do the following:

  • Check URLs meticulously. Fraudulent AI websites often use domain names that closely resemble legitimate services but contain subtle differences. Before downloading any AI software, verify that the website URL exactly matches the official domain with no additional words, hyphens or spelling variations.
  • Use comprehensive security protection. Deploy a robust security solution like Kaspersky Premium on all devices to detect and block malicious installers and websites before they can compromise your system.
  • Keep all software updated. Many security vulnerabilities exploited by malware can be addressed by installing the latest versions of your operating system and applications, particularly security software.

Read more on Securelist.com and Kaspersky Daily blog (https://apo-opa.co/4iDjGFt).

Distributed by APO Group on behalf of Kaspersky.

For further information please contact:
Nicole Allman 
INK&Co (https://apo-opa.co/3FhWiiA)
nicole@inkandco.co.za

Follow us:
Facebook: https://apo-opa.co/4ieqjhN
X:https://apo-opa.co/3FicfFC
You Tube: https://apo-opa.co/41Socuj
Instagram: https://apo-opa.co/41SoukT
Blog: https://apo-opa.co/3Fc6dq2

About Kaspersky:
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.Kaspersky.co.za. 

Media files
Kaspersky
Download logo
Previous Post

Egypt: Minister of Planning, Economic Development, and International Cooperation Reviews the Implementation of the 2024/2023 Development Plan with the Economic Committee of the House of Representatives

Next Post

New Report: Institutional and Policy Reforms Needed to Boost Economic Growth and Development in Liberia

Related Posts

NewsTrendsKE with APO News Updates
APO News

Government Seeks Shs16 Billion Tax Waivers for Local Companies

15 July 2026
NewsTrendsKE with APO News Updates
APO News

African Petroleum Producers’ Organization (APPO) National Oil Companies (NOC)-Chief Executive Officer (CEO) Forum Set to Chart Africa’s Next Phase of Energy Growth in Cape Town this October

15 July 2026
NewsTrendsKE with APO News Updates
APO News

Kora Highlights Africa’s Growing Role in Global Payments Conversations at iFX Expo International

15 July 2026
NewsTrendsKE with APO News Updates
APO News

Common Security and Defence Policy (CSDP) Service Medal Awarded to Djiboutian Maritime Authorities

15 July 2026
x

Jinsi ya Kupita Vizuilio vya Mtandaoni wa X

21 May 2025
Tiktok for artists

TikTok expands AI transparency and literacy efforts across Sub-Saharan Africa

14 July 2026
World Youth Skills Day

World Youth Skills Day: Why Kenya Must Help Young People Turn Skills into Jobs and Businesses

14 July 2026
Your companion to AI living

Samsung Electronics East Africa and Jomo Kenyatta University of Agriculture and Technology Partner to Spark Careers in AI and Programming

10 July 2026

Why Safaricom’s Data Privacy Awareness Drive Matters to Every Kenyan

15 July 2026
Kenya urged to scale up antimicrobial stewardship as Gertrude’s Children’s Hospital secures global accreditation

Kenya urged to scale up antimicrobial stewardship as Gertrude’s Children’s Hospital secures global accreditation 

14 July 2026
NewsTrendsKE

NewsTrendsKE

A News Blog For Readers Who Want More

Follow us on social media:

  • About
  • Advertise
  • Careers
  • Contact

©2026 NewsTrendsKE.

No Result
View All Result
  • Business
    • Deals
  • OpEds
  • Sustainability
  • Women in Business
  • Lifestyle
  • Featured
  • Technology
    • Phones
  • Sports
  • World
  • Contact Us

©2026 NewsTrendsKE.

Go to mobile version