• News
    • Tech News
    • AI
  • Gadgets
    • Apple
    • iPhone
  • Gaming
    • Playstation
    • Xbox
  • Science
    • News
    • Space
  • Streaming
    • Netflix
  • Vehicles
    • Car News
  • Social Media
    • WhatsApp
    • YouTube
  • Advertise
  • Terms
  • Privacy & Cookies
  • LADbible Group
  • LADbible
  • UNILAD
  • SPORTbible
  • GAMINGbible
  • Tyla
  • FOODbible
  • License Our Content
  • About Us & Contact
  • Jobs
  • Latest
  • Topics A-Z
  • Authors
Facebook
Instagram
X
TikTok
Snapchat
WhatsApp
Submit Your Content
Cybersecurity concerns sparked as loophole means DeepSeek could hand out malware codes to users

Home> News> AI

Published 09:27 14 Mar 2025 GMT

Cybersecurity concerns sparked as loophole means DeepSeek could hand out malware codes to users

A reason to be nervous around the Chinese AI startup

Ben Williams

Ben Williams

Featured Image Credit: SOPA Images / Contributor / Getty
AI
Cybersecurity
Malware

Advert

Advert

Advert

AI is getting smarter, but not always in the best way. Researchers have found that the DeepSeek R1 chatbot can be tricked into generating malware code with just a bit of clever prompting.

Despite having built-in safeguards to prevent misuse, the AI model — launched in January and touted for its cost-saving potential — can be convinced to write keylogger and ransomware scripts if you phrase your request the right way, sure adding to the concerns of social media users like in the Reddit thread below.


Advert



Cybersecurity experts at Tenable put the system to the test and discovered that, while it won’t hand out malicious code on demand, a little persistence can get it to cooperate.

Advert

At first, DeepSeek R1 sticks to its rules. Ask it for a keylogger, and it responds: “Hmm, that's a bit concerning because keyloggers can be used maliciously. I remember from my guidelines that I shouldn't assist with anything that could be harmful or illegal.”

But tell it the code is for "educational purposes," and suddenly the chatbot becomes a lot more helpful. With a few back-and-forth prompts, the AI starts offering up C++ malware examples, even explaining the steps needed to make them work.

The generated code isn’t perfect, requiring some manual tweaks. Once those are made though, the keylogger runs successfully — logging keystrokes while staying hidden from the user. It’s still detectable in Task Manager, and its log file appears in Windows Explorer, but as Tenable researchers pointed out, giving it an inconspicuous name could make it easy to overlook.

When asked to refine the keylogger by hiding the log file, DeepSeek even provided an improved version of the code, only containing a single critical error. With that minor issue fixed, the malware worked as intended, fully concealing the logs from plain view.

Advert

And it’s not just keyloggers. Researchers found that with the right phrasing, DeepSeek could also produce basic ransomware scripts. Again, the AI-generated code wasn’t flawless, but with enough guidance, it could be turned into something functional.

The Tenable team explained: "At its core, DeepSeek can create the basic structure for malware".

"However, it is not capable of doing so without additional prompt engineering as well as manual code editing for more advanced features", Tenable further elaborated.

The DeepSeek logo (Getty Images)
The DeepSeek logo (Getty Images)

They added that, while DeepSeek isn't an instant hacking tool, it still offers enough guidance for someone with little experience to quickly learn the basics of writing malicious software.

Advert

The idea of AI generating malware has been a growing concern ever since generative models went mainstream. While early fears of "fully autonomous AI hackers" have been largely overblown, cybercriminals have been busy developing their own models — like WormGPT and FraudGPT — to bypass restrictions.

Meanwhile, some hackers are taking the easier route, selling pre-written jailbreak prompts to help criminals manipulate mainstream AI tools like DeepSeek.

The UK’s National Cyber Security Centre has warned on their website that AI could significantly impact cyber threats. Right now, malicious AI-generated code isn’t quite advanced enough to evade detection, but experts believe that could change — especially if state-backed hackers get involved.

For now, DeepSeek isn’t handing out fully functional malware at the click of a button, but the fact that its guardrails can be bypassed at all is still a major cause for concern.

  • Microsoft users warned to act now as millions of passwords will be deleted soon
  • Crucial warning to all 3,000,000,000 Chrome users over dangerous 'fake URL' scam
  • Millions of Netflix users warned of frighteningly realistic email scam that could steal cash
  • FBI issue warning to Android and iPhone users as attacks increase by 700% in one month

Choose your content:

a day ago
  • a day ago

    FBI issue warning to Android and iPhone users as attacks increase by 700% in one month

    Users have reported fake texts claiming to be from the DMV

    News
  • a day ago

    Major update issued on Saudi Arabia's $1,000,000,000,000 giga-project NEOM

    The trillion-dollar project has now reached a major milestone

    News
  • a day ago

    Woman living on remote compound next to $500,000,000,000 futuristic city in Saudi Arabia reveals one thing that shocked her

    She's become a digital ambassador for the remote location

    News
  • a day ago

    Donald Trump reveals specific 'strange' moment bromance with Elon Musk turned sour

    The president has revealed all when it comes to his relationship with Musk

    News