Cybersecurity experts at BLOKK, an established phone application, have uncovered data safety concerns linked to DeepSeek, an emerging AI chatbot rivalling ChatGPT. Despite its swift rise and modest development cost—around $6 million—DeepSeek may be exposing users to serious privacy threats.
Investigation Uncovers Malware Links
During a thorough analysis, BLOKK’s team tracked the data activity of DeepSeek and made a concerning discovery. When signing up via email, DeepSeek calls the subdomain fp.it.fengkongcloud.com, a subdomain calling from China that is associated with device fingerprinting. Device fingerprinting is the practice of identifying and tracking devices using unique hardware, software, and browser attributes. Additionally, there have been reports from the Open Threat Exchange and MalwareURL list of malicious activity associated with related domains, such as static.fengkongcloud.com.
In just a few minutes, this subdomain was called 34 times in the first test and 28 times in the second test, suggesting possible data transmission outside user control.
Data Requests Linked to Multiple Countries
Further examination found domains calling from Russia, the U.S., the U.K. and Spain. Of particular interest to the team were two subdomains, gator.volces.com and tab.volces.com, both originating from Russia. There are no known malicious ties to these subdomains; however, the purpose of the domain volces.com is known to be related to device information.
To verify these findings, the BLOKK team reset test devices, wiped all associated data, and reinstalled DeepSeek. The results confirmed that the fp.it.fengkongcloud.com domain was only called during account creation, while subdomains in Russia and the U.S. were again called during active use.
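A defender who wants to repeat this kind of check on their own network can tally lookups of the named domains from a DNS query log, split into sign-up and active-use windows. The following is an added example, not BLOKK's tooling or data: the "HH:MM:SS name" log format, the sample lines and the function names are all constructed for illustration, and matching is done on DNS label boundaries so that look-alike names are not counted.

```python
from collections import Counter

# Parent domains named in the article; matched on DNS label boundaries.
WATCHED = ("fengkongcloud.com", "volces.com")

# Constructed sample log (assumed format "HH:MM:SS queried-name"), not real capture data.
SAMPLE_LOG = """\
14:00:05 fp.it.fengkongcloud.com
14:00:06 FP.IT.FENGKONGCLOUD.COM.
14:00:09 static.fengkongcloud.com
14:00:11 notfengkongcloud.com
14:00:12 fengkongcloud.com.example.net
14:03:40 gator.volces.com
14:03:41 tab.volces.com
14:03:55 gator.volces.com
malformed line without a time
"""

def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return name.strip().lower().rstrip(".")

def watched_parent(name):
    """Return the watched parent domain that name falls under, or None."""
    name = normalize(name)
    for parent in WATCHED:
        # Exact match or a true subdomain; a plain substring test would also
        # count "notfengkongcloud.com" and "fengkongcloud.com.example.net".
        if name == parent or name.endswith("." + parent):
            return parent
    return None

def tally(log_text, signup_end):
    """Count watched lookups per (phase, fqdn); signup_end is 'HH:MM:SS'."""
    counts = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 2 or len(parts[0]) != 8:
            continue  # skip malformed lines instead of failing the whole run
        ts, qname = parts
        if watched_parent(qname) is None:
            continue
        # Zero-padded HH:MM:SS strings sort in time order within one day.
        phase = "signup" if ts <= signup_end else "active"
        counts[(phase, normalize(qname))] += 1
    return counts
```

Calling `tally(SAMPLE_LOG, "14:01:00")` returns per-phase counts that can be compared across a wiped-and-reinstalled test run, as in the verification step described above.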
In the couple of minutes over which the investigation was conducted, BLOKK blocked 36 domains (76% of domains), having deemed them a risk to privacy and security.
What Users Need to Know
The BLOKK team encourages users to take online safety precautions before downloading DeepSeek, just as they should with any app or website they visit. If you choose to use the app, consider these precautions:
• Avoid using the same login credentials across multiple accounts.
• Monitor your online accounts for signs of unauthorized access or data leaks.
• Use security tools that track and block suspicious data transmissions.
The BLOKK team took appropriate measures when signing up to the DeepSeek application, using BLOKK’s maximum blocking ability.
Information about the BLOKK app
BLOKK protects users at the app and browser level, filtering traffic and blocking over 9 million online scams and tracking domains known to threaten users’ privacy and security.
At BLOKK, our mission is to empower individuals to navigate the online world confidently and safely. We protect users from online scams, trackers, and phishing, using our cutting-edge technology that filters harmful activity. Driven by a commitment to privacy, security, and innovation, BLOKK is shaping a safer online future for all phone users.
BLOKK has over 1 million installs across the Google Play Store and Apple App Store.