Cybercriminals shift to DeepSeek and Qwen for malicious activities

Cybercriminals are rapidly adopting AI models like Qwen and DeepSeek to develop malware, bypass security protections, and conduct large-scale cyberattacks. These platforms have fewer restrictions and are being exploited to create infostealers, evade banking security, and optimise spam distribution.

Researchers uncovered multiple underground forums where threat actors share jailbreaking methods and techniques to manipulate AI, escalating the risk of AI-powered cybercrime.

Threat actors have successfully leveraged Qwen to create infostealers, malware designed to harvest sensitive user information. By manipulating AI-generated code, these criminals can automate the development of sophisticated hacking tools, reducing the effort needed to craft malware manually.

One of the first prompts to initiate jailbreak. | Source: Check Point

Jailbreaking refers to overriding built-in safety measures within AI systems to generate uncensored or illicit content. Researchers have uncovered several discussions in dark web communities detailing methods to jailbreak DeepSeek and Qwen.

Techniques such as the ‘Do Anything Now’ approach and the ‘Plane Crash Survivors’ method have been widely shared, allowing cybercriminals to manipulate AI models into producing malicious content.

One of the most concerning findings is that attackers use DeepSeek to circumvent banking security protocols. Discussions around exploiting AI to bypass anti-fraud mechanisms indicate that cybercriminals are seeking more sophisticated ways to conduct financial crimes.

DeepSeek used to bypass banking security protocols. | Source: Check Point

Researchers also discovered a new trend where hackers are simultaneously using multiple AI models — ChatGPT, Qwen, and DeepSeek — to refine and optimise spam campaigns. By leveraging AI’s ability to generate realistic, high-quality phishing messages, attackers can increase their success rates in deceiving unsuspecting victims.

“The rise of models like Qwen and DeepSeek marks a concerning trend in the cyber threat landscape, where sophisticated tools are increasingly exploited for malicious purposes,” researchers concluded. “As threat actors utilise advanced techniques like jailbreaking to bypass protective measures and develop info stealers, financial theft, and spam distribution, the urgency for organisations to implement proactive defenses against these evolving threats ensures robust defenses against potential misuse of AI technologies.”

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me
