Developers Targeted With Malware Disguised as DeepSeek Package

Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI.


Threat researchers have come across two malicious Python packages offered as resources for integrating the Chinese AI model DeepSeek into software projects.

The malicious packages, named ‘deepseeek’ and ‘deepseekai’, were uploaded to the Python Package Index (PyPI) package repository by a user named ‘bvk’ on January 29. 

The fake DeepSeek packages were detected within minutes by cybersecurity firm Positive Technologies, and PyPI administrators removed them within an hour of publication.

However, they were still downloaded more than 200 times before they were removed, including over 100 times from the United States. 

An analysis showed that the fake DeepSeek packages hid malicious functions designed to collect user and system data, as well as environment variables.

“Environment variables often contain sensitive data required for applications to run, for example, API keys for the S3 storage service, database credentials, and permissions to access other infrastructure resources,” Positive Technologies noted.


The malware is designed to send the stolen data to a command and control server through the Pipedream integration platform. 

“It’s worth mentioning that the script was written with the help of an AI assistant, which is indicated by the characteristic comments explaining the lines of code,” the security firm said.

The attack was likely aimed at developers, ML engineers or AI enthusiasts, according to Positive Technologies. 

“Cybercriminals always monitor the current trends and will try to take advantage of them at the right moment. In this case, we analyzed a relatively harmless attack, although due to the hype around DeepSeek, there could be a lot more victims if the malicious package activity stayed hidden for longer,” the company said.

Security firm ESET has also seen scams and malware delivery leveraging DeepSeek’s newly gained notoriety. In one case, a fake DeepSeek website delivered digitally signed malware to users who clicked a ‘download now’ button.


Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
