DeepSeek installer or just malware in disguise? Click around and find out

Suspected cybercriminals have created a fake installer for Chinese AI model DeepSeek-R1 and loaded it with previously unknown malware called "BrowserVenom".

The malware's name reflects its ability to redirect all traffic from browsers through an attacker-controlled server.

Routing every browser through a proxy they control lets the crooks monitor browsing activity, harvest data and, once the browser trusts their certificate, read supposedly encrypted traffic in plaintext. Credentials for websites, session cookies, financial account info, plus sensitive emails and documents are therefore all at risk - just the sort of info scammers seek so they can commit digital fraud and/or sell to other miscreants.

To date, the malware has infected "multiple" computers across Brazil, Cuba, Mexico, India, Nepal, South Africa, and Egypt. Kaspersky, which spotted a phishing campaign that spreads the malware by sending victims to a fake website that resembles the real DeepSeek homepage, said it continues to "pose a global threat."

While the malware used in this campaign is new, the tactic of using interest in AI to spread nasty payloads is increasingly common.

Such campaigns use phishing sites whose domain names differ only slightly from those of the real AI vendors, and the criminals buy malicious ads and use other tricks so those sites appear prominently in search engine results. But instead of delivering the promised chatbot or AI tool, they infect unwitting victims with everything from credential- and wallet-stealing malware to ransomware and Windows-borking code.

This campaign used the URL https[:]//deepseek-platform[.]com.

The crims promoted that address to many potential victims by buying ads from Google, so it appeared as the top result when users searched for "deepseek r1".

Google says it has booted the attack ads. "Prior to the publication of this report, we detected this malware campaign and suspended the advertiser's account," a Google spokesperson told The Register.

Once Windows users reach the site, it prompts them to click a button marked "Try now." Kaspersky observed that users on other platforms are shown similarly misleading buttons with different wording.

Clicking the button takes the user to a CAPTCHA screen, which gives the site a veneer of legitimacy. The page also contains hidden JavaScript that checks the visitor is not a bot, so the crooks know they have found a human worth targeting rather than a crawler or sandbox.

After solving the CAPTCHA, the victim is redirected to a download page featuring a "Download now" button. Clicking that downloads the malicious installer, AI_Launcher_1.21.exe, from this domain: https[:]//r1deepseek-ai[.]com/gg/cc/AI_Launcher_1.21.exe.

According to Kaspersky, the crooks' site code includes comments in Russian, suggesting they speak the language. The security shop has not, however, attributed this campaign to a specific cybercrime group or individual.

The installer, when executed, opens another window that mimics a Cloudflare CAPTCHA and once again "verifies" the victim is human. It then shows a screen offering to download and install either Ollama or LM Studio, on which to run DeepSeek locally. It doesn't matter which one they click: either triggers the BrowserVenom infection.

When executed, the malware first checks if the user has admin privileges. If not, the malware stops.

For those deemed worthy of infection, BrowserVenom installs an attacker-created, hardcoded root certificate into the system's trusted certificate store. That is what makes the interception work: with the rogue root trusted, the attackers' proxy can present forged certificates for any HTTPS site without the browser throwing a warning, so encrypted traffic can be decrypted and read in transit. The certificate survives reboots, so the interception persists until it is removed.

BrowserVenom also adds a hardcoded proxy server address to every browser it finds installed or running, routing their traffic through that server. Between the two changes, the operators can see everything the victim's browsers send and receive.
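The certificate-plus-proxy combination described above is something a responder can go looking for. The script below is an added example written for this article, not Kaspersky's tooling and not code from the campaign; it takes the two host changes the article describes (a planted root certificate and a proxy pushed into browsers) and checks the usual places such changes land on a Windows host. Where it looks, the 30-day look-back window and the "Microsoft" subject filter are all assumptions, since the article gives no certificate name, proxy address or file path, and no indicator values are hardcoded.

```powershell
# Added triage script (not from the article, not Kaspersky's tooling and not the
# malware's own code). It looks for the two host changes the article describes:
# a planted root certificate and a browser-level proxy. Where it looks is an
# assumption: the article gives no certificate name, proxy address or file path,
# so no indicator values are hardcoded here. Run in an elevated PowerShell.

$since = (Get-Date).AddDays(-30)   # look-back window; set it from the incident timeline

# 1. Recently minted, non-Microsoft roots. A rogue root is what lets a proxy forge
#    certificates for any HTTPS site without a browser warning.
Write-Host '== Recently added root certificates =='
foreach ($store in 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root') {
    Get-ChildItem $store | Where-Object {
        $_.NotBefore -ge $since -and
        $_.Subject -notmatch 'Microsoft'        # crude allow-list; review corporate CAs by hand
    } | Select-Object @{ n = 'Store'; e = { $store } }, Subject, Thumbprint, NotBefore, NotAfter |
      Format-Table -AutoSize
}

# 2. WinINET (system) proxy, honoured by Edge and Chromium-based browsers by default.
Write-Host '== WinINET proxy =='
$inet = Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$inet | Select-Object ProxyEnable, ProxyServer, AutoConfigURL | Format-List

# 3. Chrome/Edge policy keys, which force a proxy on every profile; the HKLM ones need admin to write.
Write-Host '== Browser proxy policies =='
foreach ($key in 'HKLM:\Software\Policies\Google\Chrome', 'HKLM:\Software\Policies\Microsoft\Edge',
                 'HKCU:\Software\Policies\Google\Chrome', 'HKCU:\Software\Policies\Microsoft\Edge') {
    if (Test-Path $key) {
        Get-ItemProperty $key | Select-Object PSPath, ProxyMode, ProxyServer, ProxyPacUrl | Format-List
    }
}

# 4. Shortcuts that launch a browser with a proxy flag (Desktop, Start Menu, taskbar pins).
Write-Host '== Shortcuts carrying a proxy flag =='
$shell = New-Object -ComObject WScript.Shell
$lnkRoots = @(
    [Environment]::GetFolderPath('Desktop'),
    [Environment]::GetFolderPath('CommonDesktopDirectory'),
    [Environment]::GetFolderPath('Programs'),
    [Environment]::GetFolderPath('CommonPrograms'),
    "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar"
)
Get-ChildItem -Path $lnkRoots -Filter *.lnk -Recurse -ErrorAction SilentlyContinue | ForEach-Object {
    $lnk = $shell.CreateShortcut($_.FullName)
    if ($lnk.Arguments -match '--proxy-server|--proxy-pac-url') {
        [pscustomobject]@{ Shortcut = $_.FullName; Target = $lnk.TargetPath; Arguments = $lnk.Arguments }
    }
} | Format-List

# 5. Firefox keeps its own proxy settings, so a manual proxy written straight into
#    prefs.js or user.js (network.proxy.type 1 = manual) is the sign to look for.
Write-Host '== Firefox proxy prefs =='
Get-ChildItem "$env:APPDATA\Mozilla\Firefox\Profiles" -Directory -ErrorAction SilentlyContinue |
  ForEach-Object {
    Get-ChildItem -Path $_.FullName -File -ErrorAction SilentlyContinue |
      Where-Object { $_.Name -in 'prefs.js', 'user.js' } |
      Select-String -Pattern 'network\.proxy\.(type|http|ssl|socks|autoconfig_url)' |
      Select-Object Path, Line
  } | Format-Table -AutoSize -Wrap
```

Anything it surfaces needs a human look: a corporate PKI root or a legitimately configured proxy will trip the same heuristics. If a rogue root does turn up, clearing the proxy alone is not enough; the certificate has to be deleted from the store too, otherwise the next proxy the operators push can resume decrypting traffic without a warning.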

And then they get down to their evil business. ®
