• News
    • Tech News
    • AI
  • Gadgets
    • Apple
    • iPhone
  • Gaming
    • Playstation
    • Xbox
  • Science
    • News
    • Space
  • Streaming
    • Netflix
  • Vehicles
    • Car News
  • Social Media
    • WhatsApp
    • YouTube
  • Advertise
  • Terms
  • Privacy & Cookies
  • LADbible Group
  • LADbible
  • UNILAD
  • SPORTbible
  • GAMINGbible
  • Tyla
  • FOODbible
  • License Our Content
  • About Us & Contact
  • Jobs
  • Latest
  • Topics A-Z
  • Authors
Facebook
Instagram
X
TikTok
Snapchat
WhatsApp
Submit Your Content
Cybersecurity concerns sparked as loophole means DeepSeek could hand out malware codes to users

Home> News> AI

Published 09:27 14 Mar 2025 GMT

Cybersecurity concerns sparked as loophole means DeepSeek could hand out malware codes to users

A reason to be nervous around the Chinese AI startup

Ben Williams

Ben Williams

AI is getting smarter, but not always in the best way. Researchers have found that the DeepSeek R1 chatbot can be tricked into generating malware code with just a bit of clever prompting.

Despite having built-in safeguards to prevent misuse, the AI model — launched in January and touted for its cost-saving potential — can be convinced to write keylogger and ransomware scripts if you phrase your request the right way, sure adding to the concerns of social media users like in the Reddit thread below.




Advert

Cybersecurity experts at Tenable put the system to the test and discovered that, while it won’t hand out malicious code on demand, a little persistence can get it to cooperate.

At first, DeepSeek R1 sticks to its rules. Ask it for a keylogger, and it responds: “Hmm, that's a bit concerning because keyloggers can be used maliciously. I remember from my guidelines that I shouldn't assist with anything that could be harmful or illegal.”

But tell it the code is for "educational purposes," and suddenly the chatbot becomes a lot more helpful. With a few back-and-forth prompts, the AI starts offering up C++ malware examples, even explaining the steps needed to make them work.

The generated code isn’t perfect, requiring some manual tweaks. Once those are made though, the keylogger runs successfully — logging keystrokes while staying hidden from the user. It’s still detectable in Task Manager, and its log file appears in Windows Explorer, but as Tenable researchers pointed out, giving it an inconspicuous name could make it easy to overlook.

Advert

When asked to refine the keylogger by hiding the log file, DeepSeek even provided an improved version of the code, only containing a single critical error. With that minor issue fixed, the malware worked as intended, fully concealing the logs from plain view.

And it’s not just keyloggers. Researchers found that with the right phrasing, DeepSeek could also produce basic ransomware scripts. Again, the AI-generated code wasn’t flawless, but with enough guidance, it could be turned into something functional.

The Tenable team explained: "At its core, DeepSeek can create the basic structure for malware".

"However, it is not capable of doing so without additional prompt engineering as well as manual code editing for more advanced features", Tenable further elaborated.

The DeepSeek logo (Getty Images)
The DeepSeek logo (Getty Images)

Advert

They added that, while DeepSeek isn't an instant hacking tool, it still offers enough guidance for someone with little experience to quickly learn the basics of writing malicious software.

The idea of AI generating malware has been a growing concern ever since generative models went mainstream. While early fears of "fully autonomous AI hackers" have been largely overblown, cybercriminals have been busy developing their own models — like WormGPT and FraudGPT — to bypass restrictions.

Meanwhile, some hackers are taking the easier route, selling pre-written jailbreak prompts to help criminals manipulate mainstream AI tools like DeepSeek.

The UK’s National Cyber Security Centre has warned on their website that AI could significantly impact cyber threats. Right now, malicious AI-generated code isn’t quite advanced enough to evade detection, but experts believe that could change — especially if state-backed hackers get involved.

Advert

For now, DeepSeek isn’t handing out fully functional malware at the click of a button, but the fact that its guardrails can be bypassed at all is still a major cause for concern.

Featured Image Credit: SOPA Images / Contributor / Getty
AI
Cybersecurity
Malware

Advert

Advert

Advert

Choose your content:

4 hours ago
5 hours ago
9 hours ago
  • 4 hours ago

    Elon Musk has chilling warning for future of America following latest Senate draft bill

    The Trump vs Musk feud is back

    News
  • 4 hours ago

    Fire safety experts urge drivers to remove these three items from their cars immediately

    To save your tech and maybe even your vehicle

    News
  • 5 hours ago

    Rare earth minerals discovered on 353,785-acre Texas ranch could power everything from smart phones to military weapons

    The discovery was made on state-owned land

    Science
  • 9 hours ago

    Shocking amount of money Jeff Bezos donated to Venice ahead of controversial $50,000,000 wedding

    With tons of big guests in attendance

    News
  • WhatsApp users outraged as latest AI update sets out to ruin group chats
  • Crucial warning to all 3,000,000,000 Chrome users over dangerous 'fake URL' scam
  • Millions of Netflix users warned of frighteningly realistic email scam that could steal cash
  • iPhone iOS 26 feature goes viral as it tempts users to switch to Apple Music