Artificial Intelligence

Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US

DeepSeek has computer code that could send some user login information to China Mobile.

DeepSeek privacy concerns in South Korea

The website of the Chinese artificial intelligence company DeepSeek, whose chatbot became the most downloaded app in the United States, has computer code that could send some user login information to a Chinese state-owned telecommunications company that has been barred from operating in the United States, security researchers say.

The web login page of DeepSeek’s chatbot contains heavily obfuscated computer script that when deciphered shows connections to computer infrastructure owned by China Mobile, a state-owned telecommunications company. The code appears to be part of the account creation and user login process for DeepSeek.

In its privacy policy, DeepSeek acknowledged storing data on servers inside the People’s Republic of China. But its chatbot appears more directly tied to the Chinese state than previously known through the link revealed by researchers to China Mobile. The U.S. has claimed there are close ties between China Mobile and the Chinese military as justification for placing limited sanctions on the company. DeepSeek and China Mobile did not respond to emails seeking comment.

The growth of Chinese-controlled digital services has become a major topic of concern for U.S. national security officials. Lawmakers in Congress last year on an overwhelmingly bipartisan basis voted to force the Chinese parent company of the popular video-sharing app TikTok to divest or face a nationwide ban though the app has since received a 75-day reprieve from President Donald Trump, who is hoping to work out a sale.

The code linking DeepSeek to one of China’s leading mobile phone providers was first discovered by Feroot Security, a Canadian cybersecurity company, which shared its findings with The Associated Press. The AP took Feroot’s findings to a second set of computer experts, who independently confirmed that China Mobile code is present. Neither Feroot nor the other researchers observed data transferred to China Mobile when testing logins in North America, but they could not rule out that data for some users was being transferred to the Chinese telecom.

The analysis only applies to the web version of DeepSeek. They did not analyze the mobile version, which remains one of the most downloaded pieces of software on both the Apple and the Google app stores.

Advertisement. Scroll to continue reading.

The U.S. Federal Communications Commission unanimously denied China Mobile authority to operate in the United States in 2019, citing “substantial” national security concerns about links between the company and the Chinese state. In 2021, the Biden administration also issued sanctions limiting the ability of Americans to invest in China Mobile after the Pentagon linked it to the Chinese military.

“It’s mindboggling that we are unknowingly allowing China to survey Americans and we’re doing nothing about it,” said Ivan Tsarynny, CEO of Feroot.

“It’s hard to believe that something like this was accidental. There are so many unusual things to this. You know that saying ‘Where there’s smoke, there’s fire’? In this instance, there’s a lot of smoke,” Tsarynny said.

Stewart Baker, a Washington, D.C.-based lawyer and consultant who has previously served as a top official at the Department of Homeland Security and the National Security Agency, said DeepSeek “raises all of the TikTok concerns plus you’re talking about information that is highly likely to be of more national security and personal significance than anything people do on TikTok,” one of the world’s most popular social media platforms.

Users are increasingly putting sensitive data into generative AI systems — everything from confidential business information to highly personal details about themselves. People are using generative AI systems for spell-checking, research and even highly personal queries and conversations. The data security risks of such technology are magnified when the platform is owned by a geopolitical adversary and could represent an intelligence goldmine for a country, experts warn.

“The implications of this are significantly larger because personal and proprietary information could be exposed. It’s like TikTok but at a much grander scale and with more precision. It’s not just sharing entertainment videos. It’s sharing queries and information that could include highly personal and sensitive business information,” said Tsarynny, of Feroot.

Feroot, which specializes in identifying threats on the web, identified computer code that is downloaded and triggered when a user logs into DeepSeek. According to the company’s analysis, the code appears to capture detailed information about the device a user logs in from — a process called fingerprinting. Such techniques are widely used by tech companies around the world for security, verification and ad targeting.

The company’s analysis of the code determined that there were links in that code pointing to China Mobile authentication and identity management computer systems, meaning it could be part of the login process for some users accessing DeepSeek.

The AP asked two academic cybersecurity experts — Joel Reardon of the University of Calgary and Serge Egelman of the University of California, Berkeley — to verify Feroot’s findings. In their independent analysis of the DeepSeek code, they confirmed there were links between the chatbot’s login system and China Mobile.

“It’s clear that China Mobile is somehow involved in registering for DeepSeek,” said Reardon. He didn’t see data being transferred in his testing but concluded that it is likely being activated for some users or in some login methods.

RelatedDeepSeek Security: System Prompt Jailbreak, Details Emerge on Cyberattacks

Related: DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test

Related: What is DeepSeek, the Chinese AI Company Upending the Stock Market?

RelatedTexas Governor Orders Ban on DeepSeek, RedNote for Government Devices

RelatedItaly Blocks Access to the Chinese AI Application DeepSeek to Protect Users’ Data

Related Content

Cyberwarfare

Both foes and allies have targeted the Balochistan Police force in Pakistan for at least two years, according to SentinelOne.

Network Security

Cisco says the threat actor behind the LapDogs campaign has expanded its SOHO router malware toolkit with LongLeash, DogLeash, and JarLeash backdoors.

Cybercrime

Threat actors are selling investment scam templates created using the legitimate DCloud Uni-App toolkit.

Nation-State

Google’s Threat Intelligence Group has been tracking the cyberespionage group as UNC6508 since early 2025.

Government

The 13 websites purported to be affiliated with consulting companies that advertised job openings for current and former holders of security clearances

Nation-State

Posing as recruiters on online platforms, Chinese intelligence officers target personnel with access to classified or privileged information.

Cybercrime

Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities.

Malware & Threats

Salt Typhoon has hit an energy entity in Azerbaijan. Twill Typhoon has targeted Asian entities with an updated RAT.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version