Summary: A recent audit of DeepSeek’s iOS mobile app has uncovered significant security vulnerabilities, including the transmission of sensitive data without encryption and the use of insecure encryption methods. Concerns have escalated due to the app’s links to Chinese entities and its potential to expose user data. As DeepSeek rises in popularity, it faces threats from cybercriminals exploiting its user base for illicit activities.
Affected: DeepSeek mobile application
Keypoints:
- Sensitive data is transmitted unencrypted, exposing it to interception risks.
- The app uses an outdated encryption algorithm (3DES) with hard-coded keys.
- Links to ByteDance’s Volcano Engine and violations of App Transport Security raise national security concerns.
- DeepSeek has attracted malicious attacks, including DDoS attacks and lookalike pages for scams.
- Several governments have banned DeepSeek from their devices due to security risks.
Source: https://thehackernews.com/2025/02/deepseek-app-transmits-sensitive-user.html