The new Deepseek mobile application audit for the Apple iOS operating system has found that bright security issues, the main thing that it sends sensitive data over the Internet that allows you to encrypt, exposing it with interception and manipulation.
The assessment comes from nowsecure, which also showed that the app does not follow the best security practices and that it collects extensive user data and devices.
“DEEPEEK iOS app sends some mobile app registration and devices online without encryption”, company – Note. “This exposes any data on the internet both passive and active attacks.”
Down also showed several weaknesses of implementation when it comes to using encryption on the user’s data. This includes the use of uncertain in symmetrical encryption algorithm (3); Vectors of initialization.
Except Volcano engineA Chinese company that also manages Tiktok.
“The Deepseek iOS app globally disables the security of applications (ATS), which is the IOS platform protection that prevents the sending of sensitive data to unencrypted channels,” NOWSECURE said. “As this protection is disabled, the app can (and does) send uncontrolled data online.”
The conclusions are added to pepper list of problem which were raised around artificial intelligence (AI) Chatbot, even when it took off to the top of the App Store graphics on Android and iOS in multiple markets around the world.
Cybersecurity Company Point said there were cases of threats that use AI engines with Deepseek, as well as Alibaba Qwen and Openai Chatgpt, to develop information thefts, create undefeated or unusual content and optimization of script.
“As the threatening subjects use modern methods such as Jailbreaking to bypass protective measures and develop information about theft, financial theft and spam, the urgency of organizations to implement active protection against these developing threats provides reliable protection against the potential incorrect use of AI technologies” , Company company “Company Company”, – A company that is actively developing against these developing threats, providing reliable protection against potential misuse of AI technology “,” company company company – Note.
Earlier this week Associated Press disclosed This Deepseek website is set up to send user login information to China Mobile, a state telecommunications campaign banned from working in the US.
Chinese application links look like Checkpushed us legislators to Click on the nationwide ban On Deepseek from government devices through the risks that it can provide user information to Beijing.
It is worth noting that several countries, including Australia. Italy. Handsetlands. Taigaand South Koreaand State institutions in India And the US, such as Congress, NASA, NASU, Pentagon and Texas, have created prohibitions on Deepseek from government devices.
The popularity of Deepseek also led to the fact that he fought malicious attacks, with the Chinese firm Cybersecurity Xlab say Global times that the service has been exposed to a sustainable spreading attack of service (DDOS) that come from Mirai Botnets kind and Rapperbat at the end of last month.
Meanwhile, cybercrime is waste No time To take advantage of the madness related to Deepseek to set up pages that distribute malware, fake investment scams and fraudulent cryptocurrency schemes.
