A recent audit of DeepSeek’s mobile app for Apple iOS has uncovered significant security vulnerabilities, with the most concerning issue being the transmission of sensitive data over the internet without encryption. NowSecure, the company behind the assessment, highlighted that this lack of encryption exposes the data to interception and manipulation attacks. Additionally, the app was found to collect extensive user and device data, raising further privacy concerns.
Further analysis of the DeepSeek iOS app revealed implementation weaknesses in how it encrypts user data. The app uses an outdated symmetric cipher (3DES), a hardcoded encryption key, and reused initialization vectors. Together these weaknesses undermine the confidentiality of user information, leaving it susceptible to exploitation by malicious actors.
The data transmitted by the app is sent to servers managed by Volcano Engine, a cloud compute and storage platform owned by ByteDance, the parent company of TikTok. NowSecure noted that the app globally disables App Transport Security (ATS), a protection mechanism on iOS that prevents sensitive data from being sent over unencrypted channels. This disabled protection allows the app to send unencrypted data over the internet, further exacerbating the security risks.
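The global ATS opt-out NowSecure describes is declared in an app's Info.plist, so it can be audited before an app ships. The following check is an added example, not NowSecure's tooling or the DeepSeek app's code; the three Info.plist samples are constructed and the ATS keys are Apple's documented ones.

```python
import plistlib

# Constructed Info.plist samples (not from any real app) showing three ATS postures.
ATS_GLOBALLY_DISABLED = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>NSAppTransportSecurity</key>
  <dict><key>NSAllowsArbitraryLoads</key><true/></dict>
</dict></plist>"""

ATS_SCOPED_EXCEPTION = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>NSAppTransportSecurity</key>
  <dict><key>NSExceptionDomains</key><dict>
    <key>legacy.example.test</key>
    <dict>
      <key>NSExceptionAllowsInsecureHTTPLoads</key><true/>
      <key>NSExceptionMinimumTLSVersion</key><string>TLSv1.0</string>
    </dict>
  </dict></dict>
</dict></plist>"""

ATS_DEFAULT = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>CFBundleIdentifier</key><string>com.example.app</string>
</dict></plist>"""

def audit_ats(plist_bytes: bytes) -> list:
    """Return one finding for every way the Info.plist weakens App Transport Security."""
    info = plistlib.loads(plist_bytes)
    ats = info.get("NSAppTransportSecurity")
    findings = []
    if not isinstance(ats, dict):
        return findings  # no ATS dictionary: iOS defaults apply and cleartext HTTP is blocked
    if ats.get("NSAllowsArbitraryLoads") is True:
        findings.append("GLOBAL: NSAllowsArbitraryLoads disables ATS for every host")
    if ats.get("NSAllowsArbitraryLoadsInWebContent") is True:
        findings.append("WEB: ATS disabled for web view content")
    for host, rules in ats.get("NSExceptionDomains", {}).items():
        if rules.get("NSExceptionAllowsInsecureHTTPLoads") is True:
            findings.append(f"DOMAIN {host}: cleartext HTTP permitted")
        if rules.get("NSExceptionRequiresForwardSecrecy") is False:
            findings.append(f"DOMAIN {host}: forward secrecy not required")
        tls = rules.get("NSExceptionMinimumTLSVersion")
        if tls in ("TLSv1.0", "TLSv1.1"):
            findings.append(f"DOMAIN {host}: minimum TLS lowered to {tls}")
    return findings

if __name__ == "__main__":
    print(audit_ats(ATS_GLOBALLY_DISABLED), audit_ats(ATS_SCOPED_EXCEPTION), audit_ats(ATS_DEFAULT))
```

A per-domain exception is reviewable and bounded; the global flag is the posture to reject in review, since it silently permits cleartext traffic to every host the app talks to.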
The concerns surrounding DeepSeek extend beyond security vulnerabilities, with reports indicating that threat actors have been leveraging AI engines from DeepSeek to develop malicious content such as information stealers and spam distribution scripts. As organizations face evolving threats from advanced techniques employed by cybercriminals, the need for proactive defenses against misuse of AI technologies becomes increasingly critical.
Amidst growing apprehensions about DeepSeek’s ties to China, various countries and government agencies have imposed bans on the app. The app’s connection to China Mobile and its potential to provide user information to Beijing have raised red flags, prompting calls for a nationwide ban. Furthermore, DeepSeek’s surge in popularity has attracted malicious attacks, including DDoS incidents originating from Mirai botnets. Cybercriminals have also capitalized on the app’s hype to launch fraudulent schemes and phishing attacks, underscoring the importance of vigilance in the face of cybersecurity threats.
