- 3,010
- 281
- 1,730
DeepSeek's rapidly growing popularity amid privacy controversies has attracted the attention of not only users, but also cybercriminals. Fake ads have appeared online, disguised as official Google search results, with the aim of distributing malware. Attackers have targeted those who type queries into the search engine and inattentively click on the first links.
According to research by Malwarebytes, Google Ads is actively hosting fake ads posing as DeepSeek. At first glance, the differences from the real result are difficult to spot - especially for an unprepared user. Clicking on such a link is enough to get to a fake site created with special attention to visual authenticity.
One of these sites completely copies the appearance of the official DeepSeek, but in reality leads to the download of a Trojan written in MSIL (Microsoft Intermediate Language). The malicious code is activated when trying to download the "search engine" and runs on the victim's system.
[td]DeepSeek (Malwarebytes) Fake Website[/td]Criminals rely on the credibility of sponsored results on Google. The system allows such ads to occupy the top positions, overtaking even the official sites of brands. This makes fake ads especially dangerous. The attackers pay large sums for placement, which indicates the high effectiveness of the deception.
One of the fake sites was created on behalf of an advertiser whose name is written in Hebrew - תמיר כץ. This is another alarming signal: such details are difficult to notice in a hurry, especially if the user does not know what a real DeepSeek ad should look like.
[td]Malware Advertiser Information (Malwarebytes)[/td]To avoid infection, experts advise to completely avoid clicking on sponsored links. Additionally, it is recommended to click on the three dots next to the URL in the search results - this way you can find out who owns the advertisement. If the advertiser's name is in doubt, it is better to return to the regular search results.
[td]Fake (top) and real DeepSeek ads (bottom) (Malwarebytes)[/td]To completely block sponsored links, you can install an ad blocker. This will eliminate the risk of accidentally going to a malicious site. In conditions where Google cannot guarantee the safety of advertisements, such measures become especially relevant.
According to research by Malwarebytes, Google Ads is actively hosting fake ads posing as DeepSeek. At first glance, the differences from the real result are difficult to spot - especially for an unprepared user. Clicking on such a link is enough to get to a fake site created with special attention to visual authenticity.
One of these sites completely copies the appearance of the official DeepSeek, but in reality leads to the download of a Trojan written in MSIL (Microsoft Intermediate Language). The malicious code is activated when trying to download the "search engine" and runs on the victim's system.
One of the fake sites was created on behalf of an advertiser whose name is written in Hebrew - תמיר כץ. This is another alarming signal: such details are difficult to notice in a hurry, especially if the user does not know what a real DeepSeek ad should look like.