The DeepSeek mobile application for Apple iOS sends confidential data over the Internet, exposing it to the threat of interception and manipulation. This was reported by NowSecure, whose experts audited the security of the application and found several egregious problems.


The protection of user data in the application has serious implementation flaws: an insecure symmetric encryption algorithm is used, the encryption key is encrypted, and initialization vectors are reused. Data is sent to servers controlled by Volcano Engine, a cloud computing and storage platform owned by ByteDance (which owns TikTok). “In the DeepSeek application, App Transport Security (ATS) is globally disabled for iOS – a protection at the iOS platform level that prevents the sending of confidential data over unnoticed channels. Since this defense is disabled, the application can send (and sends) unnoticed data via the Internet,” NowSecure notes.

Check Point, which specializes in cybersecurity, previously reported recorded cases in which attackers used the DeepSeek, Alibaba Qwen and OpenAI ChatGPT platforms to create data theft tools, generate unacceptable materials and optimize scripts for sending spam. In addition, the DeepSeek service sends users’ account data to China Mobile, an operator whose activities are prohibited in the United States, the Associated Press reported.

The application's Chinese roots have already prompted American lawmakers to seek a ban on the use of DeepSeek on all devices belonging to the government; in their opinion, the service's administration can share information about users with the Chinese authorities. The decision on a ban has already been made in Australia, Italy, the Netherlands, South Korea, India and Taiwan; in the United States, the service cannot be used on devices of Congress, NASA, the Navy, the Pentagon and Texas.

The explosion in DeepSeek's popularity also brought problems for the project itself: it had to fight off DDoS attacks originating from HailBot and RapperBot of the Mirai family. The DeepSeek brand is also used in schemes related to investment and cryptocurrency fraud and the spread of malware, and fake pages are created that imitate the project's official website.
