A dangerous new cyber threat has emerged, targeting unsuspecting users who search for the DeepSeek-R1 large language model (LLM). Cybersecurity researchers at Kaspersky Global Research and Analysis Team have uncovered a malware campaign that disguises itself as a legitimate AI assistant download, only to steal sensitive user data using a malicious tool named BrowserVenom.
A Sophisticated Trap
The malware is spread through a phishing website that mimics the official DeepSeek homepage and is promoted via Google Ads. When users search for “DeepSeek R1,” a malicious ad redirects them to the fake site. If the victim is using a Windows operating system, they are offered to download tools like Ollama or LM Studio, which are normally used to run LLMs offline.
But here’s the twist: the downloaded installer includes both legitimate software and a stealth Trojan, which bypasses Windows Defender protections using a special algorithm. The infection only succeeds if the user has administrator privileges on their Windows profile.
Once Inside: Total Browser Hijack
After installation, all browsers on the device are reconfigured to use a forced proxy controlled by the attackers. This allows them to intercept browsing data, including credentials, cookies, and online activity. Kaspersky dubbed the malware BrowserVenom due to its aggressive takeover of internet traffic.
Global Impact
Infections have already been confirmed in several countries, including Brazil, Cuba, Mexico, India, Nepal, South Africa, and Egypt. The scale and reach of this campaign indicate that attackers are specifically targeting regions with growing interest in local LLM use.
Lisandro Ubiedo, security researcher at Kaspersky, stated:
“While running LLMs offline offers privacy benefits, it also opens the door to serious risks if precautions are not taken. Attackers are capitalizing on the popularity of open-source AI tools to distribute fake packages that embed spyware, keyloggers, or crypto miners.”
How to Stay Safe
Kaspersky recommends the following actions to avoid falling victim:
- Always check website URLs carefully before downloading AI tools.
- Download offline LLM software only from official sites (e.g., ollama.com, lmstudio.ai).
- Avoid using admin accounts on Windows for daily tasks.
- Install a trusted cybersecurity solution to detect and block malicious files.