Cyberattacks Against DeepSeek Escalate with Botnets Joining, Command Surging Over 100 Times: XLab.


Beijing, China – Chinese AI start-up DeepSeek has come under an intensified wave of cyberattacks, with the number of attack commands surging more than 100-fold compared to earlier this week. Chinese cybersecurity firm XLab reported on Thursday that at least two botnets participated in the latest assaults, launching two significant waves of attacks against DeepSeek’s infrastructure.

Botnets Amplify Attacks Against DeepSeek

Since early January, DeepSeek has been the target of sustained and large-scale distributed denial-of-service (DDoS) attacks. Initially, the attacks relied on SSDP and NTP reflection amplification. However, on Tuesday, attackers escalated their tactics by introducing HTTP proxy attacks, which are more difficult to mitigate. By Thursday morning, botnets had joined the fray, making DeepSeek’s defense increasingly difficult.

“The attacks are becoming more sophisticated and diversified, posing severe security challenges for DeepSeek,” an anonymous security expert from XLab told Global Times.

XLab’s continuous monitoring of DeepSeek’s systems indicates an evolving threat. The attacks have shifted from basic amplification methods to application-layer attacks via HTTP proxies and, most recently, botnet-driven assaults. The escalation suggests the involvement of professional cybercriminals.

HailBot and RapperBot Identified in the Attack

According to an XLab report, two Mirai-variant botnets—HailBot and RapperBot—were responsible for the early Thursday attacks. These attacks occurred in two waves, at 1 a.m. and 2 a.m., involving 118 C2 ports across 16 C2 servers.

“The involvement of botnets indicates that professional attackers have entered the scene,” said an XLab expert.

Botnets, networks of devices infected with malware, are controlled remotely by attackers via command-and-control (C2) servers. These botnets execute simultaneous DDoS attacks, overloading target servers and disrupting normal business operations. The attackers behind these botnets offer professional DDoS services to clients, functioning like “hired hitmen” in the cyber realm.

DeepSeek’s AI Advancements Draw Attention

DeepSeek gained international recognition earlier this year after launching its open-source model, DeepSeek-R1. This AI model represents a technological breakthrough, enabling reasoning capabilities using pure deep learning techniques. Additionally, on Tuesday—the eve of the Chinese New Year—DeepSeek released Janus-Pro, an upgraded version of its multimodal AI model, significantly improving visual generation and multimodal understanding.

The attacks have disrupted DeepSeek’s services, forcing the company to temporarily restrict registrations to users with +86 mobile numbers.

Global Concern Over AI Security

Cyberattacks on DeepSeek have sparked global concerns over AI security. A Forbes report on Tuesday highlighted the implications of such attacks, noting that disruptions to AI-driven platforms could pose risks to consumer access and reliability.

“The attack, which forced DeepSeek to disable new user registrations, is believed to be a DDoS attack targeting its API and web chat platform,” the Forbes report stated.

As AI technology continues to advance, securing AI platforms against cyber threats will be a critical challenge for companies like DeepSeek. The escalating attacks highlight the increasing need for stronger cybersecurity measures to protect cutting-edge innovations in artificial intelligence.
