The “BrowserVenom” program targets users looking to launch DeepSeek AI.
The “BrowserVenom” program diverts users from certain AI chatbots. Specifically, it targets those who want to interact with DeepSeek. The malware manipulates internet traffic. Hackers spread the attack through Google ads, which appeared in search results for the query “deep seek r1.” These ads claimed to provide access to the latest DeepSeek AI models. The issue is that newcomers to generative AI may not be aware of the official domains hosting the R1 model. Clicking on the Google ad redirected users to a fake DeepSeek domain at “https[:]//deepseek-platform[.]com,” which offered a button to download the R1 model. The goal was to deceive users into downloading a malicious file called “AI_Launcher_1.21.exe.” In general, before downloading anything, you should ensure that you are visiting the official domain or channel of the AI company.
https://xrust.ru/news/311294-programma-browservenom-ohotitsja-za-polzovateljami-zhelajuschimi-zapustit-deepseek-ai.html