Cyber Defense Advisors

Malware attack disguises itself as DeepSeek installer

Malware attack disguises itself as DeepSeek installer

Cybercriminals are exploiting the growing interest in open source AI models by disguising malware as a legitimate installer for DeepSeek.

Victims are unwittingly downloading the “BrowserVenom” malware designed to steal stored credentials, session cookies, etc and gain access to cryptocurrency wallets.

How are the bad guys spreading the malware? By buying Google ads… sigh… which point to a fake DeepSeek download page.

Sign up to our free newsletter.
Security news, advice, and tips.

Google says it has suspended the advertiser’s account. No doubt the cybercriminals won’t… oh, i don’t know… just create another account and try again, perhaps?

I think it would be better if the whole world ignored all Google ads, or.. hey.. perhaps ditched Google altogether.

Find more discussion of this issue in the comments on my LinkedIn post.


 

Related Post

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld

A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and

Cyber News

Friday Squid Blogging: Stubby Squid

Video of the stubby squid (Rossia pacifica) from offshore Vancouver Island. As usual, you can also use this squid post

Cyber News

Why a GRC Platform Isn’t Optional Anymore—It’s Mission-Critical

Why a GRC Platform Isn’t Optional Anymore—It’s Mission-Critical In today’s cybersecurity landscape, chaos is the default setting. Threats move fast.

Cyber Thoughts

Dutch police identify users as young as 11-year-old

Graham CLULEY June 13, 2025 Promo Protect all your devices, without slowing them down. Free 30-day trial Dutch police have

Cyber News

Leave feedback about this

  • Quality
  • Price
  • Service
Choose Image