Researchers force DeepSeek to write malware

📟 News

Date: 16/03/2025

According to Tenable, the AI chatbot DeepSeek R1 from China can be used to write malware (e.g. keyloggers and ransomware).

DeepSeek was released in January 2025 and caused a stir due to its vulnerability to jailbreaking techniques.

Similar to all major LLMs, DeepSeek has guardrails designed to prevent it from being used for malicious purposes, including malware creation. However, these restrictions can be easily circumvented.

When asked directly to write code for a keylogger or ransomware, DeepSeek refuses to do so claiming that it cannot help with potentially malicious or illegal tasks. But if you tell DeepSeek that the research is for “educational purposes only”, you can bypass its safeguards.

Tenable specialists successfully used jailbreaking techniques to fool the chatbot into writing malicious code; furthermore, they used a technique called Chain-of-Thought (CoT) to refine its results.

CoT reconstructs human thinking by breaking it down into sequential steps required to achieve the goal. In other words, CoT makes AI ‘thinking out loud’, thus, providing a step-by-step description of its reasoning process.

When researchers ‘nicely’ asked DeepSeek to write a keylogger, the AI ​​outlined an action plan and then produced some C++ code. This code was buggy, and the chatbot was unable to correct some of the errors and create a fully-functional malware without human intervention.

However, after a few manual interventions, the keylogger code generated by DeepSeek started working (i.e. intercepting user’s keystrokes). The researchers then used DeepSeek to further improve the resulting malware: now it can hide and encrypt its logs.

After being asked to develop some ransomware, DeepSeek first described the entire process and then managed to generate several samples of file encryption malware (although none of them could be compiled without manual fixes in the code).

Ultimately, the researchers managed to put some ransomware samples to work. The malware uses file enumeration and persistence mechanisms and even displays a ‘ransomware dialog’ box.

“At its core, DeepSeek can create the basic structure for malware. However, it is not capable of doing so without additional prompt engineering as well as manual code editing for more advanced features. For instance, DeepSeek struggled with implementing process hiding. We got the DLL injection code it had generated working, but it required lots of manual intervention. Nonetheless, DeepSeek provides a useful compilation of techniques and search terms that can help someone with no prior experience in writing malicious code the ability to quickly familiarize themselves with the relevant concepts,” – Tenable.

Related posts:
2025.02.05 — Google patches Android zero-day vulnerability exploited by hackers

Google released the February set of patches for Android. In total, they fix 48 bugs, including a kernel zero-day vulnerability actively exploited by hackers. The zero-day's…

Full article →
2025.01.30 — Hackers use vulnerabilities in SimpleHelp RMM to attack corporate networks

Experts believe that recently patched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) were used by attackers to gain initial access to corporate networks. A number…

Full article →
2025.01.29 — Google to disable Sync in older Chrome versions

Google announced that in early 2025, Chrome Sync will be disabled in Chrome versions older than four years. Chrome Sync enables users to save and sync their…

Full article →
2025.04.10 — April updates released by Microsoft cause issues with Windows Hello

Microsoft warns that some Windows users who have installed the April updates might be unable to login to their Windows services using Windows Hello facial recognition…

Full article →
2025.01.24 — Hundreds of websites impersonating Reddit and WeTransfer spread Lumma Stealer

Sekoia researcher crep1x discovered that hackers are currently using some 1,000 pages impersonating Reddit and WeTransfer. Victims visiting these sites are tricked into…

Full article →
2025.03.16 — Researchers force DeepSeek to write malware

According to Tenable, the AI chatbot DeepSeek R1 from China can be used to write malware (e.g. keyloggers and ransomware). DeepSeek was released in January 2025 and caused a stir…

Full article →
2025.02.10 — Failed attempt to block phishing link results in massive Cloudflare outage

According to the incident report released by Cloudflare, an attempt to block a phishing URL on the R2 platform accidentally caused a massive outage; as a result, many Cloudflare…

Full article →
2025.02.01 — Critical RCE vulnerability fixed in Cacti

A critical vulnerability has been discovered in the open-source Cacti framework: it enables an authenticated attacker to remotely execute arbitrary code. Vulnerability's ID is CVE-2025-22604; its…

Full article →
2025.02.09 — Abandoned AWS S3 buckets could be used in attacks targeting supply chains

watchTowr discovered plenty of abandoned Amazon S3 buckets that could be used by attackers to deliver malware and backdoors to government agencies and large corporations. The researchers discovered…

Full article →
2025.03.10 — Nearly a million Windows computers impacted by a malvertising campaign

According to Microsoft, nearly 1 million Windows devices fell victim to a sophisticated malvertising campaign in recent months. Cybercriminals were able to steal credentials, cryptocurrency, and sensitive…

Full article →