Artificial Intelligence and Machine Learning, Next-Generation Technologies and Secure Development
Weak Encryption, Data Transfers to China, Hidden ByteDance Links Found
Rashmi Ramesh (rashmiramesh_) •
February 10, 2025

Security researchers have found more vulnerabilities in DeepSeek, renewing concerns about potential user and national security problems associated with the use of the Chinese artificial intelligence application.
The STRIKE team at cybersecurity company SecurityScorecard has identified weak encryption methods, potential SQL injection flaws and undisclosed data transmissions to Chinese state entities in the application, according to a report published on Monday.
A separate assessment by Qualys TotalAI found that the DeepSeek AI model failed more than half of its jailbreak tests (see: DeepSeek models vulnerable to jailbreak).
The application uses outdated cryptographic algorithms, including hard-coded encryption keys and weak data protection mechanisms, according to the report. These flaws could allow attackers to decrypt sensitive user data. Researchers also found SQL injection vulnerabilities, which could allow hackers to manipulate the application database and gain unauthorized access to user records.
By analyzing its data transmission patterns, the researchers found that DeepSeek collects user inputs, keystroke patterns and device data, storing this information on servers in China. Keystroke tracking can be used to build detailed behavioral profiles of users and to monitor sensitive data, such as passwords and internal communications.
The report indicates that some of this data is sent to domains linked to Chinese state entities. The presence of ByteDance-owned libraries in the DeepSeek code base further raises questions about possible undisclosed data sharing practices. ByteDance, a private Chinese technology company that owns TikTok and other applications, has also faced scrutiny over the potential influence of the Chinese government.
DeepSeek incorporates several ByteDance-owned libraries, which handle performance monitoring, remote configuration and feature flagging, said Cory Kennedy, a “hacktualizer” at SecurityScorecard who wrote the report. These components allow ByteDance to collect user interaction data and dynamically adjust the behavior of the application after installation. The main privacy risks include unclear data sharing policies, where user data can be transmitted to ByteDance without explicit disclosure, and remote control of application behavior, where the social media company can potentially push configuration updates that modify how the application functions, he told Information Security Media Group.
“The data is not only collected. It is transmitted to domains linked to Chinese state entities, which raises concerns about data sovereignty and national security,” the researchers said in the report.
The vulnerabilities suggest a combination of poor security practices and potentially intentional data collection mechanisms, Kennedy said. The presence of anti-debugging measures, ByteDance telemetry frameworks and keystroke monitoring indicates that DeepSeek was designed with extensive data collection capabilities, he said.
Although there is not yet direct proof of exploitation, Kennedy said that “if I am able to find these weaknesses, it is only a matter of time before they are exploited by attackers, repackaged and made available in unofficial stores or linked directly.” He said that the link does not contain malicious software, but that caution must be exercised because hackers could use a modified version of the official application to target victims.
There is no evidence of malicious intent, but the architecture of the application raises serious concerns about privacy, security and potential abuse, he said.
Any connectivity that allows the transmission of data and that has not been made 100% clear to the end user could be used for cyberespionage or large-scale influence operations, he said. “I cannot point directly to evidence in support of these operations, but I would say that there are enough ‘ingredients’ in place to be careful of the data you provide and the confidence of the response,” said Kennedy.
AI Model Fails Jailbreak Tests
Adding to these concerns is the evaluation by Qualys TotalAI of DeepSeek-R1, a distilled version of the company's large language model. The AI model failed more than half of the jailbreak tests carried out by Qualys, demonstrating that it can be manipulated into going beyond its built-in restrictions.
Jailbreak attacks allow users to bypass the content moderation policies of an AI model, prompting it to generate harmful or unintended outputs. In some cases, DeepSeek-R1 was found to produce biased or politically sensitive answers, inaccurate information and, in certain scenarios, even advice on illegal activities.
“As AI adoption accelerates, organizations must prioritize not only performance, but also safety, security and compliance,” said the Qualys report, warning that companies relying on AI-driven decision-making should be careful about deploying models with weak safeguards.
Regulatory Scrutiny and Business Risks
The concerns about DeepSeek's data processing practices are not new, with regulators in several countries already taking measures against the AI company.
The data protection authorities of Italy and Ireland are examining DeepSeek, citing insufficient transparency about its privacy policies, as are France, Belgium and South Korea. Australia banned DeepSeek from all government systems, calling it a potential national security threat. U.S. federal agencies have also issued guidance advising staff not to use DeepSeek due to security and ethical concerns (see: Asian governments rush to ban DeepSeek over privacy concerns).
Research has also revealed that DeepSeek uses anti-debugging techniques designed to hinder security analysis. The application detects when researchers try to inspect its code and stops immediately. The application “invokes android.os.Debug.isDebuggerConnected() and android.os.Debug.waitForDebugger() to detect active debugging sessions,” the report says. If an attempt is detected, “the application force-closes to prevent analysis.”
Although anti-debugging mechanisms are common in banking or security applications, their use in a consumer AI application raises concerns about DeepSeek's transparency. Security analysts said these measures make it more difficult to verify how user data is processed and stored.
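One way a reviewer can check for the debugger-detection calls quoted above during static triage, as an added example that is not code from the report or the application: the Python sketch below scans decompiled smali for the two android.os.Debug calls and groups them by enclosing method. The smali sample is constructed, and treating a System.exit call in the same method as a possible force-close is an assumption, since the report does not say how the app terminates.

```python
import re

# Constructed smali excerpt for illustration; not taken from any real app.
SAMPLE_SMALI = """\
.method public static check()V
    invoke-static {}, Landroid/os/Debug;->isDebuggerConnected()Z
    move-result v0
    if-eqz v0, :ok
    invoke-static {v0}, Ljava/lang/System;->exit(I)V
    :ok
    return-void
.end method
.method public static hold()V
    invoke-static {}, Landroid/os/Debug;->waitForDebugger()V
    return-void
.end method
.method public static log()V
    return-void
.end method
"""

METHOD_START = re.compile(r"^\.method\s+(?:[\w-]+\s+)*([^\s(]+)\(")
DEBUG_CALL = re.compile(
    r"invoke-static(?:/range)?\s*\{[^}]*\},\s*Landroid/os/Debug;->"
    r"(isDebuggerConnected|waitForDebugger)\(\)[ZV]"
)
# Assumption: a System.exit call in the same method is a possible force-close.
EXIT_CALL = "Ljava/lang/System;->exit(I)V"


def find_debugger_checks(smali_text):
    """Return one finding per method that calls a debugger-detection API."""
    findings, current = [], None
    for lineno, line in enumerate(smali_text.splitlines(), 1):
        stripped = line.strip()
        start = METHOD_START.match(stripped)
        if start:
            current = {"method": start.group(1), "calls": [], "exits": False}
        elif stripped == ".end method":
            if current and current["calls"]:
                findings.append(current)
            current = None
        elif current is not None:
            hit = DEBUG_CALL.search(stripped)
            if hit:
                current["calls"].append((lineno, hit.group(1)))
            if EXIT_CALL in stripped:
                current["exits"] = True
    return findings
```

Methods that both query the debugger state and exit are the ones to read first when documenting how an app reacts to analysis.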
Weak encryption and credential exposure could make the application vulnerable to cyberattacks. The application's data collection practices, including recording keystroke dynamics, introduce privacy risks that could enable behavioral profiling. The vulnerabilities of the DeepSeek-R1 AI model suggest that its safeguards are insufficient to prevent misuse.
The reports show that while DeepSeek may not be outright malicious, the potential for misuse and third-party data access makes it a risky choice for businesses. Security experts advise companies to carry out independent security audits, assess data governance policies and monitor outgoing network traffic before adopting the platform.
An organization must use software architectures and security layers on top of the LLM, with reference to frameworks such as the OWASP Top 10, said Satyam Sinha, CEO and co-founder of security and governance company Acuvity. He also recommends that companies use the model for internal projects where the chances of adversarial attacks are low before exposing it to a wider customer base.
Although the industry has focused on DeepSeek specifically since its launch on January 20, cyberattacks targeting these services are not new: even a mature GenAI service can be the victim of cyberattacks, he said. “All models hallucinate, provide disinformation and are subject to exploits, vulnerabilities and attacks to varying degrees,” he said. “DeepSeek is only the tip of the iceberg, not a one-off.”