The excitement around the Chinese AI company DeepSeek has also attracted criminals. They are trying to scam people with fake cryptocurrencies or distribute malware through fake websites. Meanwhile, DeepSeek has neglected security: a database with sensitive information was left open on the internet.
IT security researchers from Wiz wrote in a blog post that, prompted by the buzz around the young AI star DeepSeek, they went looking for security vulnerabilities and quickly found them. “Within minutes, we found a publicly accessible ClickHouse database connected to DeepSeek – completely open and without authentication, allowing access to sensitive data. It was hosted at ‘oauth2callback.deepseek.com:9000’ and ‘dev.deepseek.com:9000’,” the researchers wrote.
The database contained a “significant volume of chat logs, backend data, and sensitive information, including log streams, API secrets, and operational details.” The Wiz researchers considered it critical that full control of the database and potential privilege escalation within the DeepSeek environment was possible without any authentication or external defense mechanisms. Following the researchers’ alerts, DeepSeek promptly secured the databases.
Meanwhile, criminals are also jumping on the DeepSeek bandwagon to profit illegally. On X, BSCN shared that scammers are setting up fake DeepSeek cryptocurrencies, causing significant financial damage.
A Solana-based token misusing the DeepSeek name reached a market capitalization of around 49 million USD on Monday. Trading volume even reached 150 million USD, according to BSCN, based on data from the Solana token aggregator Birdeye. After the initial surge, the total value dropped to only 4 million USD by Tuesday. Another fake DeepSeek token briefly reached a market capitalization of 13 million USD with a trading volume of 28.5 million USD; it likewise plummeted to a total value of 2 million USD.
DeepSeek clarified on its official X account @deepseek_ai that the company has nothing to do with this. “DeepSeek has not issued any cryptocurrencies. Additionally, there is only one official account on the Twitter platform. We do not contact anyone through other accounts. Please stay vigilant and be on the lookout for possible scams,” DeepSeek wrote.
This advice is certainly to be taken seriously. While DeepSeek calls itself “DeepSeek AI,” the official company domain is deepseek.com. DeepSeek appears to have been somewhat naive, not only about database security but also about defensively registering its name under other top-level domains and typo variants. Criminals have taken advantage of this and registered “deepseek” under the TLDs .ai, .org, .app, .top and .cyou, as well as domains like deepseekai.com or deepseekagent[.]com, as user @AlvieriD shared on X.
Some of these host fake, cloned DeepSeek websites that may distribute malware.
This week, DeepSeek also fell victim to cyberattacks that affected the availability and performance of its services. The registration of new accounts should now work again, as the company has implemented several countermeasures.