Security researchers at Malwarebytes have discovered a malicious advertising campaign targeting users searching for DeepSeek through Google. The campaign used sponsored search results to direct users to a fraudulent website masquerading as the legitimate DeepSeek platform.
The fake website, while visually different from the authentic DeepSeek site, was designed to appear credible enough to deceive visitors. Users who clicked the download button on the impersonating site inadvertently installed a Trojan malware onto their devices.
Google has since taken action against the threat. A company spokesperson confirmed that their systems detected the malware campaign and suspended the advertiser's account before the public disclosure. Google emphasized that their policies strictly prohibit advertisements intended to distribute malware.
This incident adds to a series of recent cyber threats involving AI platforms and search results. In February, cybersecurity firm AppSOC revealed concerns about DeepSeek's AI model, noting significant security vulnerabilities. Their testing showed high failure rates when the model was challenged with requests for malicious code generation.
Similar schemes have emerged on other platforms. Earlier this year, Trend Micro identified cybercriminals exploiting Google and YouTube search results to target users seeking cracked software. The attackers posed as tutorial creators, embedding malicious links in video descriptions and comments.
The growing sophistication of these attacks, particularly those leveraging AI-related tools and platforms, highlights the evolving nature of cyber threats. Security experts advise users to exercise caution when downloading software and to verify the authenticity of websites, especially when accessed through sponsored search results.