Appdome launches plugins to combat DeepSeek AI threats

Appdome has announced the introduction of new dynamic defence plugins aimed at detecting and preventing DeepSeek AI attacks on Android and iOS devices.

Data from Appdome indicates that DeepSeek AI mobile applications have been downloaded 22 million times, achieving the top position in the Apple app store. DeepSeek also became the most popular AI term on Google Trends for a 24-hour period on 28th January, highlighting its rapid rise in popularity.

Despite its popularity, DeepSeek poses a significant security threat due to its ability to extract and transmit sensitive data from devices without user consent. This has raised concerns regarding the potential risks for both businesses and consumers who rely on mobile apps daily.

Appdome's new plugins are built to help enterprises proactively defend against these threats using AI technology. The plugins are part of Appdome's AI Native Defence platform and are designed to detect and mitigate DeepSeek AI attacks.

The new plugins provide various security measures, including the ability to detect DeepSeek AI presence on mobile apps, protect enterprise data by blocking runtime memory extraction, cryptographic key theft, and authentication token leaks, as well as prevent dynamic code injection.

DeepSeek, a free AI-powered chatbot mobile app, has come under scrutiny due to reported use as spyware, collecting and transmitting user data to foreign entities without user knowledge. Users may also inadvertently post sensitive information, increasing the risk of data leakage.

Several enterprises and government agencies, including in the United States and South Korea, have responded by implementing bans on the use of DeepSeek, particularly on work-related mobile devices. However, these efforts have been hindered by the lack of tools to detect the presence of DeepSeek or to confirm its use as spyware.

Tom Tovar, Co-creator and CEO of Appdome, commented, "The explosive popularity of DeepSeek AI creates a serious and immediate risk to the mobile enterprise. If you're one of the many who believe DeepSeek poses a risk to your mobile workforce or consumers, now you have a way to detect and prevent DeepSeek from infiltrating your mobile apps or exposing your data."

The new detection plugins are specifically effective for enterprises employing BYOD (Bring Your Own Device) strategies, as they enable the identification of active DeepSeek sessions on devices, allowing for a range of responsive actions.

Chris Roeckl, Chief Product Officer at Appdome, stated, "As organisations race to embrace AI throughout the workforce and DeepSeek grows in popularity, enterprises need an early warning system to detect when specific AI tools are in use. Today that threat comes from DeepSeek and tomorrow it could be another AI tool. No matter what, cyber organisations and IT need to be able to enforce policies regarding AI use responsibly."

DeepSeek has reportedly exposed users to various risks, such as data collection without consent and weak encryption practices. Analysis indicates that DeepSeek lacks proper encryption, uses outdated algorithms, and is vulnerable to reverse engineering, which could allow runtime memory extraction and facilitate dynamic code injection.

Although DeepSeek creators have implemented safeguards to prevent malicious use of the AI model, analyses have uncovered "jailbreaks" that bypass these security restrictions.

Kai Kenan, Vice President of Cyber Research at Appdome, emphasised the importance of protecting against DeepSeek, stating, "If you use mobile in the workforce, then you need to safeguard your organisation against DeepSeek. Users, even informed users, can download DeepSeek AI onto BYOD or shared devices used in highly sensitive operations. With Appdome DeepSeek detection, there's no reason to be in the dark about the use or infiltration of DeepSeek in the enterprise."