Appdome has announced that new dynamic defense plugins are available on its AI-Native Defense platform to detect and defend against DeepSeek AI attacks on Android & iOS devices. The new plugins allow enterprises to safeguard mobile enterprise apps, harden remote access and protect mobile work from DeepSeek spyware.
The new plugins use behavioral analytics to detect unusual file access, data extraction, user monitoring, and unusual network traffic to external AI servers performed by DeepSeek. Like all Appdome defenses, the new dynamic defense plugins targeting DeepSeek attacks are available by choice using the Appdome platform without the need to integrate code, perform manual coding, implement SDKs, or deploy servers.
DeepSeek, a free, AI-powered chatbot mobile app, has grown in popularity quickly. It has also created a huge risk for enterprises and governments using mobile devices and apps in the workforce. For example, reports have surfaced that DeepSeek can be used as spyware to harvest and send user data to China without the user’s knowledge. Likewise, users can unknowingly or accidentally post sensitive information to DeepSeek, creating data leakage risks for corporate data and sensitive documents.
Recognizing the severity of the threat posed by DeepSeek, some enterprises have banned the use of DeepSeek for work purposes. Likewise, several government agencies, including in the United States and South Korea have introduced legislation to ban the use of DeepSeek on mobile devices used for government purposes. However, these bans are without teeth because – without Appdome – there is no way to detect DeepSeek on a mobile device, particularly a BYOD mobile device in an enterprise setting. And there’s no way to detect if DeepSeek is being used as spyware or if users share sensitive data via DeepSeek.
Appdome’s new Detect DeepSeek Attack plugins are particularly powerful in enterprise use cases such as mobile apps for work, enterprise apps, and Bring Your Own Device (BYOD) mobile strategies. When deployed in an enterprise app, the defense will detect an active DeepSeek session on the device and offer enterprises and B2B mobile app makers multiple enforcement options to mitigate the DeepSeek risk. Appdome’s new DeepSeek detection can be deployed stand alone or in combination with other defenses to detect DeepSeek being used as spyware and when employees post content to DeepSeek.
In published cases, DeepSeek exposed users to unauthorized data collection, weak encryption practices, and potential surveillance by state-linked entities. Security analyses reveal that DeepSeek transmits user data without proper encryption, employs outdated cryptographic algorithms, and lacks robust anti-tampering protections, making it vulnerable to reverse engineering. Beyond these published risks, attackers can expedite the runtime analysis of potential victim apps by feeding DeepSeek with memory dumps, encrypted files, and server responses directly on the device. This could also enable runtime memory extraction, allowing attackers to scan active memory for cryptographic keys, authentication tokens, and decrypted session data, compromising financial transactions and authentication flows.
Additionally, DeepSeek may facilitate dynamic code injection by identifying unprotected vectors, enabling attackers to bypass security controls like root detection and anti-debugging, manipulate app behavior, and intercept sensitive interactions without persistent malware. The creators of DeepSeek have set guardrails designed to prevent using the AI model for malicious purposes, however, during the analysis of this model multiple “jailbreaks” were found that allow circumventing security restrictions.
Learn more about Appdome AI-Native defense for DeepSeek AI threats.
Related
This entry was posted on February 26, 2025 at 8:24 am and is filed under Commentary with tags Appdome. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Appdome Preempts DeepSeek Attacks on Mobile Devices
Appdome has announced that new dynamic defense plugins are available on its AI-Native Defense platform to detect and defend against DeepSeek AI attacks on Android & iOS devices. The new plugins allow enterprises to safeguard mobile enterprise apps, harden remote access and protect mobile work from DeepSeek spyware.
The new plugins use behavioral analytics to detect unusual file access, data extraction, user monitoring, and unusual network traffic to external AI servers performed by DeepSeek. Like all Appdome defenses, the new dynamic defense plugins targeting DeepSeek attacks are available by choice using the Appdome platform without the need to integrate code, perform manual coding, implement SDKs, or deploy servers.
DeepSeek, a free, AI-powered chatbot mobile app, has grown in popularity quickly. It has also created a huge risk for enterprises and governments using mobile devices and apps in the workforce. For example, reports have surfaced that DeepSeek can be used as spyware to harvest and send user data to China without the user’s knowledge. Likewise, users can unknowingly or accidentally post sensitive information to DeepSeek, creating data leakage risks for corporate data and sensitive documents.
Recognizing the severity of the threat posed by DeepSeek, some enterprises have banned the use of DeepSeek for work purposes. Likewise, several government agencies, including in the United States and South Korea have introduced legislation to ban the use of DeepSeek on mobile devices used for government purposes. However, these bans are without teeth because – without Appdome – there is no way to detect DeepSeek on a mobile device, particularly a BYOD mobile device in an enterprise setting. And there’s no way to detect if DeepSeek is being used as spyware or if users share sensitive data via DeepSeek.
Appdome’s new Detect DeepSeek Attack plugins are particularly powerful in enterprise use cases such as mobile apps for work, enterprise apps, and Bring Your Own Device (BYOD) mobile strategies. When deployed in an enterprise app, the defense will detect an active DeepSeek session on the device and offer enterprises and B2B mobile app makers multiple enforcement options to mitigate the DeepSeek risk. Appdome’s new DeepSeek detection can be deployed stand alone or in combination with other defenses to detect DeepSeek being used as spyware and when employees post content to DeepSeek.
In published cases, DeepSeek exposed users to unauthorized data collection, weak encryption practices, and potential surveillance by state-linked entities. Security analyses reveal that DeepSeek transmits user data without proper encryption, employs outdated cryptographic algorithms, and lacks robust anti-tampering protections, making it vulnerable to reverse engineering. Beyond these published risks, attackers can expedite the runtime analysis of potential victim apps by feeding DeepSeek with memory dumps, encrypted files, and server responses directly on the device. This could also enable runtime memory extraction, allowing attackers to scan active memory for cryptographic keys, authentication tokens, and decrypted session data, compromising financial transactions and authentication flows.
Additionally, DeepSeek may facilitate dynamic code injection by identifying unprotected vectors, enabling attackers to bypass security controls like root detection and anti-debugging, manipulate app behavior, and intercept sensitive interactions without persistent malware. The creators of DeepSeek have set guardrails designed to prevent using the AI model for malicious purposes, however, during the analysis of this model multiple “jailbreaks” were found that allow circumventing security restrictions.
Learn more about Appdome AI-Native defense for DeepSeek AI threats.
Share this:
Like this:
Related
This entry was posted on February 26, 2025 at 8:24 am and is filed under Commentary with tags Appdome. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.