Cybersecurity researchers discovered that criminals can manipulate DeepSeek R1 into creating functional malware, despite its built-in safeguards.
According to a report by Cyber Security News, the AI model, designed with reasoning capabilities, initially refuses to generate malicious code. However, this refusal can be circumvented with specific prompt techniques. This discovery raises serious concerns about the potential misuse of freely available AI models by cybercriminals, especially if it enables the development of malicious software without extensive programming knowledge.
DeepSeek R1 uses a technique called chain-of-thought (CoT). This allows the application to break down complex prompts into manageable steps, similar to human reasoning methods. This feature also makes the model particularly effective in creating detailed malicious code when criminals bypass safeguards.
Code does contain errors
When analysts at Tenable Research asked the model to create a keylogger, it refused, citing ethical concerns. The researchers found, however, that stating in the request that the code was for educational purposes was enough to bypass the safeguards. In that case, the model generated detailed malware code. Their extensive testing did reveal that the generated code often contains errors, including nonexistent Windows-style definitions and incorrect thread parameters, which the researchers had to correct manually. However, those corrections do not require much programming knowledge. The model also needs many additional prompts to implement more advanced functions.
The researchers manipulated DeepSeek R1 to create a keylogger that captured keystrokes, hid its presence and encrypted log files. The keylogger implementation used Windows API hooks to capture keystrokes globally on the system. The researchers further enhanced the malware with features to hide files by modifying system attributes. The SetHiddenAttribute function made the log file invisible in standard Windows Explorer views.
In addition, the researchers implemented simple XOR encryption for the captured keystrokes, making the data unreadable without a decryption tool.
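From an incident responder's side, simple XOR obfuscation of a recovered log file is a weak barrier. The following is an added example, not code from Tenable's research or the original article; it assumes a single-byte key (the article does not state the key length), and the sample data and function names are constructed for illustration.

```python
"""Forensic triage: recover text from a single-byte-XOR-obfuscated artifact.

Assumption: the key is one byte. The sample below is constructed, not real data.
"""
import string

PRINTABLE = set(string.printable.encode())   # byte values expected in typed text
COMMON = set(b" etaoinshrdlu")               # most frequent characters in English


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with the same one-byte key."""
    return bytes(b ^ key for b in data)


def score(candidate: bytes) -> float:
    """Plausibility of candidate as text: reward printable and common
    characters, penalise every non-printable byte twice."""
    if not candidate:
        return 0.0
    n = len(candidate)
    printable = sum(b in PRINTABLE for b in candidate)
    common = sum(b in COMMON for b in candidate.lower())
    return (printable + common - 2 * (n - printable)) / n


def recover(data: bytes, min_score: float = 1.2):
    """Try all 256 keys; return (key, plaintext) for the best one, or None
    when even the best candidate does not look like text."""
    best_key = max(range(256), key=lambda k: score(xor_bytes(data, k)))
    plain = xor_bytes(data, best_key)
    if score(plain) < min_score:
        return None
    return best_key, plain


# Constructed sample: harmless text obfuscated with an arbitrary key.
SAMPLE_PLAIN = b"user opened notepad and typed: quarterly report draft v2\n"
SAMPLE_KEY = 0x5A
SAMPLE_BLOB = xor_bytes(SAMPLE_PLAIN, SAMPLE_KEY)

if __name__ == "__main__":
    result = recover(SAMPLE_BLOB)
    if result is None:
        print("no single-byte XOR key produced readable text")
    else:
        print(f"key=0x{result[0]:02x} text={result[1]!r}")
```

A `None` result means the single-byte assumption does not hold for that artifact and a longer key or a different scheme should be considered.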
Tenable’s research also extended to the creation of ransomware. DeepSeek generated code with persistence methods via Windows Registry modifications and file enumeration functions to identify target files for encryption.
Lower threshold for malware development
Although the generated ransomware examples required significant manual modifications, they demonstrate DeepSeek’s ability to produce the fundamental components required for functional malware. These findings suggest that while DeepSeek R1 does not provide off-the-shelf malware solutions, it significantly lowers the technical threshold for creating malicious software. This could potentially help cybercriminals develop sophisticated threats faster.