{"id":53116,"date":"2025-03-06T05:02:05","date_gmt":"2025-03-06T10:02:05","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=53116"},"modified":"2025-03-06T05:02:05","modified_gmt":"2025-03-06T10:02:05","slug":"trojans-disguised-as-deepseek-grok-clients","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/trojans-disguised-as-deepseek-grok-clients\/53116\/","title":{"rendered":"Trojans masquerading as DeepSeek and Grok clients"},"content":{"rendered":"

In early 2025, the Chinese chatbot, DeepSeek, burst onto the AI scene. It provoked much comment and controversy across the globe: we could hardly fail to spot the similarity of its logo to our own<\/a>, comparisons with ChatGPT were abundant<\/a>, and in Italy, South Korea, Australia, and other countries, DeepSeek was blocked altogether<\/a>. The hype was \u2014 and remains \u2014 intense, including among cybercriminals.<\/p>\n

We\u2019ve discovered several groups of sites mimicking the official chatbot website and distributing malicious code under the guise of what appears to be a legitimate client. To find out exactly how these cybervillains operate, and how to use AI safely, read on\u2026<\/p>\n

Malicious scripts and geofencing<\/h2>\n

Several malware distribution schemes were detected, all of which had the use of fake DeepSeek websites as the common denominator. The difference lies in what was distributed through these sites and how. This post thoroughly explores one of these schemes; for details on the others, see our full report on Securelist<\/a>.<\/p>\n

What would you think if you landed on a website with the domain deepseek-pc-ai[.]com<\/em> or deepseek-ai-soft[.]com<\/em>? You\u2019d probably assume you could find there some DeepSeek-related software. And what kind of software might that be? A DeepSeek client, of course! And indeed, you\u2019ll quickly see the bright Download<\/strong> and slightly duller Start Now<\/strong> buttons that greet visitors to the site.<\/p>\n

\"Fake<\/a>

Fake DeepSeek web page<\/p><\/div>\n

Whichever of these buttons you click, an installer starts downloading. But there\u2019s a catch: once initiated, instead of installing DeepSeek, the installer accesses malicious URLs, and manipulates scripts to activate the SSH service in Windows to configure it to work with the attackers\u2019 keys. This enables them to remotely connect to the victim\u2019s computer, who doesn\u2019t even get a DeepSeek Windows client as consolation\u2026 which, by the way, doesn\u2019t exist.<\/p>\n

Interestingly, the fake sites use geofencing<\/a> \u2014 restricting access based on the region of the IP address. For example, users from Russia on these domains saw a simple stub site with empty texts about DeepSeek \u2014 most likely generated by DeepSeek itself or a different large language model<\/a>. Visitors from other countries, however, were taken to the malicious site distributing the fake client.<\/p>\n

A million views on X<\/h2>\n

The main vector for distributing links to the malicious URLs was posts on the social network X (formerly Twitter). One of the most popular posts (now deleted) was published from the account of Australian startup Lumina Vista, which, open sources say<\/a>, has no more than 10 employees. The company\u2019s account itself is in its infancy: it only got the coveted blue check-mark in February 2025, and boasts just a dozen posts and fewer than 100 subscribers. Yet the post promoting the fake DeepSeek site garnered 1.2 million views and more than 100 reposts. Bit fishy? We investigated the accounts that reposted it and concluded that they could be bots, since all use the same naming convention and identifiers in the bio section. Incidentally, it\u2019s quite possible that Lumina Vista\u2019s account was simply hacked and used for paid promotion of the attackers\u2019 ad post.<\/p>\n

\"1.2<\/a>

1.2 million views in a near-empty account? Smells like paid promotion<\/p><\/div>\n

In the comments, some users pointed out that the link leads to a malicious site, but they were in the minority \u2014 the rest were simply expressing views about DeepSeek, Grok, and ChatGPT. However, none of the commenters noted the obvious: DeepSeek has no native client for Windows, and you can only access it in a browser. You can also run DeepSeek locally<\/a> but that requires specialized software.<\/p>\n

How to use AI safely<\/h2>\n

At present, it\u2019s not easy to assess the scale of this and other malicious schemes involving fake DeepSeek pages. But one thing is for certain: these campaigns are massive and not targeted at specific users. Yet they\u2019re developing very quickly: soon after the announcement of Grok-3, attackers began offering to download its client both from the domain v3-grok[.]com<\/em>, and from\u2026 v3-deepseek[.]com<\/em>! Indeed, Grok, DeepSeek \u2013 what\u2019s the difference?\u2026<\/p>\n

Without reliable protection<\/a>, any AI enthusiast is at risk. That\u2019s why it\u2019s vital to follow the safety rules and recommendations when using AI.<\/p>\n