Intel Name: Deepseek lure using captchas to spread malware
Date of Scan: March 11, 2025
Impact: High
Summary: The DeepSeek AI chatbot, launched on January 20, 2025, quickly became a target for abuse. Threat actors use brand impersonation tactics to create fraudulent websites that trick users into revealing sensitive information or executing malware. The malware campaign employs a deceptive CAPTCHA page to perform clipboard injection, covertly copying a malicious PowerShell command for users to run.
