A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by malicious actors.

Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability.

Attack complexity: More severe for the least complex attacks.

Privileges required: More severe if no privileges are required.

User interaction: More severe when no user interaction is required.

Scope: More severe when a scope change occurs, e.g. one vulnerable component impacts resources in components beyond its security scope.

Confidentiality: More severe when loss of data confidentiality is highest, measuring the level of data access available to an unauthorized user.

Integrity: More severe when loss of data integrity is the highest, measuring the consequence of data modification possible by an unauthorized user.

Availability: More severe when the loss of impacted component availability is highest.

GHSA-269m-c36j-r834: Infinispan vulnerable to Insertion of Sensitive Information into Log File

Use of Arrays.equals() in LlapSignerImpl in Apache Hive to compare message signatures allows attacker to forge a valid signature for an arbitrary message byte by byte. The attacker should be an authorized user of the product to perform this attack. Users are recommended to upgrade to version 4.0.0, which fixes this issue.

The problem occurs when an application doesn’t use a constant-time algorithm for validating a signature. The method Arrays.equals() returns false right away when it sees that one of the input’s bytes are different. It means that the comparison time depends on the contents of the arrays. This little thing may allow an attacker to forge a valid signature for an arbitrary message byte by byte. So it might allow malicious users to submit splits/work with selected signatures to LLAP without running as a privileged user, potentially leading to DDoS attack.

More details in the reference section.

GHSA-p953-3j66-hg45: Apache Hive vulnerable to Observable Timing Discrepancy and Authentication Bypass by Spoofing

Subaru STARLINK flaw exposed a critical security vulnerability, enabling unauthorized access to vehicle tracking, remote control, and sensitive…

Subaru STARLINK flaw exposed a critical security vulnerability, enabling unauthorized access to vehicle tracking, remote control, and sensitive customer data.

A vulnerability was recently discovered by cybersecurity researchers Shubham Shah and Sam Curry in Subaru’s STARLINK-connected vehicle system, enabling them to remotely start, stop, and track vehicles. The vulnerability in Subaru’s Starlink in-vehicle service, allowed attackers to remotely control and track connected vehicles. 

The vulnerability, an arbitrary account takeover flaw in the Starlink admin portal, enabled the duo to compromise a Subaru employee account. This flaw could let them target vehicles and customer accounts across the United States, Canada, and Japan.

Exploiting this flaw, Curry and Shah could gain unauthorized access to sensitive customer and vehicle data, and even remotely control targeted vehicles. According to a blog post published by researchers, the issue originated from a flaw in the Subaru STARLINK admin portal, a system intended for employee use.

This portal had a critical vulnerability that allowed attackers to reset employee passwords without requiring any confirmation. This meant that by simply knowing an employee’s email address, an attacker could gain access to their account.

> _“It appeared that there was a “resetPassword.json” endpoint that would reset employees’ accounts without a confirmation token. If this worked how it was written in the JavaScript, then an attacker could simply enter any valid employee email and take over their account.”_
> 
> Sam Curry

Researchers further bypassed two-factor authentication (2FA) by manipulating the website’s code, effectively disabling the security measure. With unauthorized access to the admin portal, the researchers demonstrated the ability to, start, stop, lock, and unlock any Subaru vehicle, and access a year’s worth of detailed location history for any vehicle, including stops and engine starts, providing precise locations with updates every time the engine started. 

Furthermore, they could retrieve the personal information of any customer, including contact details, addresses, billing information (partially masked), and vehicle PINs. They could also add themselves as authorized users to other vehicles, effectively taking control of them without the owner’s knowledge.

Researchers reported this vulnerability to Subaru on November 20, 2024, and the company in response promptly addressed the issue, patching it within 24 hours. The findings were publicly disclosed on January 23, 2025.

****Previous Hacks by the Duo****

Sam Curry and Shubham Shah are well-known for their creative and innovative methods of uncovering security vulnerabilities and responsibly disclosing them to companies.

One of their notable discoveries involved exploiting vulnerabilities in the globally used Points.com loyalty system. This flaw allowed unauthorized access to sensitive user data, including names, addresses, email addresses, phone numbers, and transaction details.

In December 2022, Sam Curry identified a critical app flaw that compromised Honda and Nissan vehicles through their VINs. Attackers could exploit this vulnerability to unlock doors, honk horns, and flashlights, and even start the vehicle remotely.

In September 2024, Sam Curry and three other security researchers found a way to control Kia vehicles by exploiting vulnerabilities linked to their license plates.

1.  **How Hackers Can Remotely Unlock/Start Honda Cars**
2.  **Cybercriminals Exploit CAN Injection Hack to Steal Cars**
3.  **Critical Intel chip flaw left cars and IoT devices vulnerable**
4.  **Self-driving cars can be fooled by displaying virtual objects**
5.  **Tesla cars can be remotely hacked using drone, WIFI dongle**

Subaru STARLINK Flaw Enabled Remote Tracking and Control of Vehicles

The popularity of the TF2 gaming and trading scene attracts scammers with phishing, fake trades, and malicious tools.…

The popularity of the TF2 gaming and trading scene attracts scammers with phishing, fake trades, and malicious tools. Stay safe with verified trades, Steam Guard, 2FA, and market price checks.

Team Fortress 2 (TF2) has appealed to millions of players worldwide. It features a dynamic society and an exclusive trading ecosystem. Regarding TF2, from collectable hats to rare weapons, the in-game economy often functions similarly to real markets, so fraudsters are drawn to it as the scamming locale.

TF2 is a community infested with hackers and scammers who use extremely advanced methods to steal valuable items and accounts. In fact, security experts have seen the emergence of counterfeit gaming accessories embedded with malware and phishing links as additional risks.

This article concisely explains TF2 item scams, their operation, and users’ insights into staying safe.

****Tips for Safe Buying and Trading in TF2****

As a buyer, implementing good security practices and being watchful is the key to evading such scams. You can use the actionable tips:

****1\. Always Verify The Trading System****

According to TF2 Trading, fake seller profiles are the biggest scam these days. That’s why, when buying items, the buyer should see the seller’s profile. You should mainly look for a high number of positive reviews, a stable trading history, and community members’ support. Be ready to spurn new profiles or those with fewer activities.

The buyer should see the seller’s profile. You should mainly look for a high number of positive reviews, a stable trading history, and community members’ support. Be ready to spurn new profiles or those with fewer activities.

****2\. Avoid Links from Unverified Sources****

If the permission to a trade attaches to a link, operate under the feel of dread. Let the URL be in line with the official Steam site or any other trustable site. Linking drives to phishing pages mostly.

****3\. Enable Steam Guard and Two-Factor Authentication (2FA)****

Turning on two-factor authentication will significantly enhance the security of your Steam account. Even if someone finds out your password, 2FA weakens their access by a lot.

****4\. Research Market Prices****

Those who do not know the price of an item are the ones usually cheated by scammers. Verify the market prices at the moment by using reliable platforms to prevent going over the top and being fooled by “deals” that are too good to be true.

****5\. Inspect Trade Offers Carefully****

Scammers may offer you a trade deal with a few underhanded methods. Always re-read the item descriptions, the prospects, and the values before you accept a trade. Spot for details like fancy names or absent items.

****The Anatomy of a TF2 Scam****

It is crucial to know how scams are executed to be able to prevent them. The following are the most frequent scams that TF2 players are exposed to:

****1\. Phishing Scams****

Even though phishing is still the number one strategy, it is also one of the methods that dominate worldwide. Scammers may send links that display from the links that spam the item. 

The terrible things that are causing mayhem in the trade are the fake Steam login pages the scammer sent players to, and on these malicious pages, the players’ credentials are stolen.

****2\. Fake Trades****

To be fair, almost everyone has been fooled, as sellers have also been faked innumerable times. The tricksters can access your account when you click on the link or type in your credentials on a fake web page.

**3\. Duplication Promises**

The “item duplication” scam has been around for years. Scammers claim they can duplicate rare items and ask buyers to send their valuable items first. Of course, the items are never returned.

****4\. Counterfeit Marketplaces****

Larcenous third-party marketplaces are professional in looking like genuine ones. These sites may offer unbeatable deals at the cost of user data or just take your money and run.

****5\. Malicious Tools and Software****

Our partner’s researchers noticed a profound surge in counterfeited tools and/or software, which falsely suggests a heightened gaming experience and increased performance in trades. Many of these have harmful software comprising personal and financial information.

****6\. Overpayment Scams****

On their heads, these are scams where the buyer says: “I am going to overpay for an item. Therefore, can I get a refund, or should I get something else as a bonus?” Then, they are gone getting you out of your money or they have just canceled the transaction.

****Advanced Strategies****

False reviews made by scammers are a widespread fraud method. Make sure that the reviews are from real users and match the profiles to ensure that they are not imitations.

Scammers very often mislead potential buyers with trade offers that sound too impressive to refuse. It is requested that trades are where the other party offers an additional amount of money that is not the value of the item.

Refrain from sharing your Steam account information, email, or payment details with other gamers. Fraudsters may manipulate you psychologically using social engineering techniques to further their cause.

****Broader Security Practices for Gamers****

It must be noted that the TF2 scams form only a tiny dot under a larger cyberattack direction of fraudsters toward gamers. With the constant increase in online gaming communities, there is an equally roaring nature of cyber risks that come with them. Here are general security tips for staying safe across all gaming platforms:

*   **Keep Your Software Updated:** Frequently, updates of your operating system, antivirus software, and Steam client can fix vulnerabilities that scammers and hackers exploit.
*   **Use Strong and Unique Passwords:** The golden rule is to avoid copying the same password across all accounts. Instead, consider using a password manager, which generates and saves complex, unique passwords for each platform.
*   **Install Anti-Malware Protection:** One way to prevent the device from being infected with the virus is to use reliable anti-malware software, which will block malicious downloads, phishing attempts, and spyware.
*   **Regularly Check Account Activity:** Check your Steam account for unauthorized logins or grim trade activity. Review the issues you find with Steam Support.
*   **Educate Yourself and Others:** Along with fellow players, share tips and resources to form a more informed and resilient group. Scam awareness and common sense are the most powerful defense tools.

****Signs of a Scam to Watch Out For****

*   Pushy salesmen that force you into making quick decisions.
*   Errors in grammar in the messages that are sent to you.
*   Transactions off Steam’s built-in mechanisms only.
*   Sellers are not committed to verifying their identity or reputation
*   They may falsely claim an item’s value is higher even though the only right price is listed on the most trustful marketplaces.

****What to Do If You’re Scammed****

*   Report the Scammer: Using Steam’s reporting tools, flag the scammer account that way.
*   Change Your Passwords: Make your Steam and email accounts safe by changing the passwords immediately.
*   Enable Account Recovery: Contact the Steam support center to restore control of compromised accounts.
*   Warn the Community: Share your experience to stop others from becoming victims of the same scam.

1.  **Secure Gaming During the Holidays**
2.  **Guntech 2.5 to Launch in Upland’s Gaming Ecosystem**
3.  **Exploring Data Privacy and Security in B2B Gaming Data**
4.  **The Rise of Blockchain Gaming and Secure Marketplaces**
5.  **Gaming Firms + Community Members Hit by Dark Frost Botnet**

In Gaming Item Scams and How to Avoid Them?

Malware writing is only one of several malicious activities for which the new, uncensored generative AI chatbot can be used.

Source: Owlie Productions via Shutterstock

A recently debuted AI chatbot dubbed GhostGPT has given aspiring and active cybercriminals a handy new tool for developing malware, carrying out business email compromise scams, and executing other illegal activities.

Like previous, similar chatbots like WormGPT, GhostGPT is an uncensored AI model, meaning it is tuned to bypass the usual security measures and ethical constraints available with mainstream AI systems such as ChatGPT, Claude, Google Gemini, and Microsoft Copilot.

**GenAI With No Guardrails: Uncensored Behavior**

Bad actors can use GhostGPT to generate malicious code and to receive unfiltered responses to sensitive or harmful queries that traditional AI systems would typically block, Abnormal Security researchers said in a blog post this week.  

"GhostGPT is marketed for a range of malicious activities, including coding, malware creation, and exploit development," according to Abnormal. "It can also be used to write convincing emails for business email compromise (BEC) scams, making it a convenient tool for committing cybercrime." A test that the security vendor conducted of GhostGPT's text generation capabilities showed the AI model producing a very convincing Docusign phishing email, for example.

The security vendor first spotted GhostGPT for sale on a Telegram channel in mid-November. Since then, the rogue chatbot appears to have gained a lot of traction among cybercriminals, a researcher at Abnormal tells Dark Reading. The authors offer three pricing models for the large language model: $50 for one-week usage; $150 for one month and $300 for three months, says the researcher, who asked not to be named.

Related:Actively Exploited Fortinet Zero-Day Gives Attackers Super-Admin Privileges

For that price, users get an uncensored AI model that promises quick responses to queries and can be used without any jailbreak prompts. The author(s) of the malware also claim that GhostGPT doesn't maintain any user logs or record any user activity, making it a desirable tool for those who want to conceal their illegal activity, Abnormal said.

**Rogue Chatbots: An Emerging Cybercriminal Problem**

Rogue AI chatbots like GhostGPT present a new and growing problem for security organizations because of how they lower the barrier for cybercriminals. The tools allow anyone, including those with minimal to no coding skills, the ability to quickly generate malicious code by entering a few prompts. Significantly, they also allow individuals who already have some coding skills the ability to augment their capabilities and improve their malware and exploit code. They largely eliminate the need for anyone to spend time and effort trying to jailbreak GenAI models to try and get them to engage in harmful and malicious behavior.

Related:Change Healthcare Breach Impact Doubles to 190M People

WormGPT, for instance, surfaced in July 2023 — or about eight months after ChatGPT exploded on the scene — as one of the first so-called "evil" AI models created explicitly for malicious use. Since then, there have been a handful of others, including WolfGPT, EscapeGPT, and FraudGPT, that their developers have tried monetizing in cybercrime marketplaces. But most of them have failed to gather much traction because, among other things, they failed to live up to their promises or were just jailbroken versions of ChatGPT with added wrappers to make them appear as new, standalone AI tools. The security vendor assessed GhostGPT to likely also be using a wrapper to connect to a jailbroken version of ChatGPT or some other open source large language model.

"In many ways, GhostGPT is not massively different from other uncensored variants like WormGPT and EscapeGPT," the Abnromal researcher tells Dark Reading. "However, the specifics depend on which variant you're comparing it to."

For example, EscapeGPT relies on jailbreak prompts to bypass restrictions, while WormGPT was a fully customized large language model (LLM) designed for malicious purposes. "With GhostGPT, it’s unclear whether it is a custom LLM or a jailbroken version of an existing model, as the author has not disclosed this information. This lack of transparency makes it difficult to definitively compare GhostGPT to other variants."

Related:The Case for Proactive, Scalable Data Protection

The growing popularity of GhostGPT in underground circles also appear to have made its creator(s) more cautious. The author or the seller of the chatbot has deactivated many of the accounts they had created for promoting the tool and appears to have shifted to private sales, the researcher says. "Sales threads on various cybercrime forums have also been closed, further obscuring their identity, \[so\] as of now, we do not have definitive information about who is behind GhostGPT."

**About the Author**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

For $50, Cyberattackers Can Use GhostGPT to Write Malicious Code

The Apple iOS 18.3 update fixes 28 other vulnerabilities identified by the tech company, though there is little information on them.

Source: Shahid Jamil via Alamy Stock Photo

NEWS BRIEF

In its latest security update for users, Apple has released a patch for a zero-day vulnerability tracked as CVE-2025-24085 (no CVSS score assigned yet).

The vulnerability, not yet added to the National Vulnerability Database (NVD), can be found in iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. As a privileged escalation security flaw, it is located in Apple's Core Media framework. The bug is being actively exploited in the wild.

The Core Media framework, according to Apple, is "the media pipeline used by AVFoundation and other high-level media frameworks found on Apple platforms." It allows users to process media samples as well as manage queues of media data.

This patch comes in the form of iOS 18.3, which fixes 28 other vulnerabilities as well. Apple has yet to divulge many details about any of the issues that have been patched by this update, likely to prevent attackers from exploiting them before users can apply the necessary fix.

Impacted devices from this bug include:

*   Apple Watch Series 6 and later
    

*   Apple TV HD and Apple TV 4K (all models)
    
*   iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
    

Though the tech giant has disclosed that "Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2," it has not published any details of the attacks nor attributed its discovery to a researcher.

**About the Author**

Skilled writer and editor covering cybersecurity for Dark Reading.

Apple Patches Actively Exploited Zero-Day Vulnerability

One of the largest data breaches in history was apparently twice as impactful as previously thought, with PII belonging to hundreds of millions of people sitting in the hands of cybercriminals.

Source: Pavel Kapish via Alamy Stock Photo

New evidence suggests that more than half of the US population was touched by the ransomware attack(s) against UnitedHealth subsidiary Change Healthcare.

One of the largest data breaches ever recorded struck Change Healthcare last year. Change's technology services reach hundreds of vendors and laboratories, thousands of hospitals, tens of thousands of pharmacies, and hundreds of thousands of physicians and dentists, including "nearly all government and commercial payers," according to company documentation. These services necessarily sweep up loads of patients' personally identifying information (PII), which ended up in the hands of multiple ransomware actors.

Later last year, it was reported that the incident affected around 100 million Americans. Now, UnitedHealth has updated that number to approximately 190 million. A company spokesperson confirmed this in an emailed statement to Dark Reading, adding, "the vast majority of those people have already been provided individual or substitute notice."

**Change's Changing Cyberattack Story**

Last February, in concert, pharmacies around the US experienced significant delays to prescription orders. Behind it all was Change Healthcare, which processes billions of transactions every year, representing trillions of dollars worth of medical claims.

Related:Actively Exploited Fortinet Zero-Day Gives Attackers Super-Admin Privileges

The company first stated that it had suffered a nation-state cyber intrusion. In fact, it was a regular old ransomware attack (for which it would later pay a whopping $22 million ransom). And this wasn't the only crucial detail it got wrong.

In June, Change Healthcare finally sent out notices of data compromise, revealing that affected customers totaled around 100 million. On Friday, however, UnitedHealth Group publicly adjusted that figure to include 90 million more.

In its updated online notice of data breach, the company admitted that hackers may have obtained a variety of personally identifying information (PII) about patients and guarantors, including their first and last names, dates of birth, phone numbers, home addresses, and email addresses. Social security numbers, it noted, were only lost in "rare instances," and in an email to Dark Reading, a spokesperson claimed that Change Healthcare "has not seen electronic medical record databases appear in the data during the analysis."

The spokesperson also emphasized that "Change Healthcare is not aware of any misuse of individuals' information as a result of this incident."

However, Paul Bischoff, consumer privacy advocate at Comparitech, warns that "every press release I ever see about a data release says 'there's no evidence that your information has been abused or misused in any way.' But, obviously, they're not really looking for that for those instances of abuse, and they would never know if it actually happened. And the people that it happens to can't attribute the identity theft that they're suffering back to the data breach that caused it."

Related:For $50, Cyberattackers Can Use GhostGPT to Write Malicious Code

**When Data Breach Disclosures Go Wrong**

The Securities and Exchange Commission (SEC) data breach disclosure rules require that publicly traded companies disclose "material" cybersecurity incidents within four days of becoming alerted to them. The same rule applies to material updates to breach disclosures, such as when an attack is found to have affected nearly twice as many victims as once thought.

Despite these rules, companies have managed to take extensive time in investigating and addressing critical aspects of their breaches. For instance, it took Change Healthcare four months to notify customers of its incident, nine months to admit that 100 million people were affected, and nearly a year to update that figure to 190 million.

Bischoff hesitates, though, before suggesting that what's needed is even stricter regulation. "It's a complicated subject, because it gets to a point where you put such a burden on companies. Companies are also victims in these situations, so I don't want to penalize them for reporting things incorrectly," he says.

Related:The Case for Proactive, Scalable Data Protection

At the same time, he adds, "What we see a lot is that these companies take way too long to finish their investigations and notify victims. Sometimes it's up to a year or more before we're notified that people's data is out there on the Dark Web, being used for who knows what. And that's after they're most likely to get hit with identity fraud, and other sorts of fraud, because cybercriminals want that information when it's as fresh as possible. That's when it's most valuable. So I think we do need more strict standards about the timeliness of these notifications."

**About the Author**

Nate Nelson is a writer based in New York City. He formerly worked as a reporter at Threatpost, and wrote "Malicious Life," an award-winning Top 20 tech podcast on Apple and Spotify. Outside of Dark Reading, he also co-hosts "The Industrial Security Podcast."

Change Healthcare Breach Impact Doubles to 190M People

Amid ongoing fears over TikTok, Chinese generative AI platform DeepSeek says it’s sending heaps of US user data straight to its home country, potentially setting the stage for greater scrutiny.

The United States’ recent regulatory action against the Chinese-owned social video platform TikTok prompted mass migration to another Chinese app, the social platform “Rednote.” Now, a generative artificial intelligence platform from the Chinese developer DeepSeek is exploding in popularity, posing a potential threat to US AI dominance and offering the latest evidence that moratoriums like the TikTok ban will not stop Americans from using Chinese-owned digital services.

DeepSeek, an AI research lab created by a prominent Chinese hedge fund, recently gained popularity after releasing its latest open source generative AI model that easily competes with top US platforms like those developed by OpenAI. However, to help avoid US sanctions on hardware and software, DeepSeek created some clever workarounds when building its models. On Monday, DeepSeek’s creators limited new sign-ups after claiming the app had been overrun with a “large-scale malicious attack.”

While DeepSeek has several AI models, some of which can be downloaded and run locally on your laptop, the majority of people will likely access the service through its iOS or Android apps or its web chat interface. Like with other generative AI models, you can ask it questions and get answers; it can search the web; or it can alternatively use a reasoning model to elaborate on answers.

DeepSeek, which does not appear to have established a communications department or press contact yet, did not return a request for comment from WIRED about its user data protections and the extent to which it prioritizes data privacy initiatives.

As people clamor to test out the AI platform, though, the demand brings into focus how the Chinese startup collects user data and sends it home. Users have already reported several examples of DeepSeek censoring content that is critical of China or its policies. The AI setup appears to collect a lot of information—including all your chat messages—and send it back to China. In many ways, it’s likely sending more data back to China than TikTok has in recent years, since the social media company moved to US cloud hosting to try to deflect US security concerns

“It shouldn’t take a panic over Chinese AI to remind people that most companies in the business set the terms for how they use your private data” says John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab. “And that when you use their services, you’re doing work for them, not the other way around.”

**What DeepSeek Collects About You**

To be clear, DeepSeek is sending your data to China. The English-language DeepSeek privacy policy, which lays out how the company handles user data, is unequivocal: “We store the information we collect in secure servers located in the People's Republic of China.”

In other words, all the conversations and questions you send to DeepSeek, along with the answers that it generates, are being sent to China or can be. DeepSeek’s privacy policies also outline the information it collects about you, which falls into three sweeping categories: information that you share with DeepSeek, information that it automatically collects, and information that it can get from other sources.

The first of these areas includes “user input,” a broad category likely to cover your chats with DeepSeek via its app or website. “We may collect your text or audio input, prompt, uploaded files, feedback, chat history, or other content that you provide to our model and Services,” the privacy policy states. Within DeepSeek’s settings, it is possible to delete your chat history. On mobile, go to the left-hand navigation bar, tap your account name at the bottom of the menu to open settings, and then click “Delete all chats.”

This collection is similar to that of other generative AI platforms that take in user prompts to answer questions. OpenAI’s ChatGPT, for example, has been criticized for its data collection although the company has increased the ways data can be deleted over time. Regardless of these types of protections, privacy advocates emphasize that you should not disclose any sensitive or personal information to AI chat bots.

“I would not input personal or private data in any such an AI assistant,” says Lukasz Olejnik, independent researcher and consultant, affiliated with King's College London Institute for AI. Olejnik notes, though, that if you install models like DeepSeek’s locally and run them on your computer, you can interact with them privately without your data going to the company that made them. Additionally, AI search company Perplexity says it has added DeepSeek to its platforms but claims it is hosting the model in US and EU data centers.

Other personal information that goes to DeepSeek includes data that you use to set up your account, including your email address, phone number, date of birth, username, and more. Likewise, if you get in touch with the company, you’ll be sharing information with it.

Bart Willemsen, a VP analyst focusing on international privacy at Gartner, says that, generally, the construction and operations of generative AI models is not transparent to consumers and other groups. People don’t know exactly how they work or the exact data they have been built upon. For individuals, DeepSeek is largely free, although it has costs for developers using its APIs. “So what do we pay with? What do we usually pay with: data, knowledge, content, information,” Willemsen says.

As with all digital platforms—from websites to apps—there can also be a large amount of data that is collected automatically and silently when you use the services. DeepSeek says it will collect information about what device you are using, your operating system, IP address, and information such as crash reports. It can also record your “keystroke patterns or rhythms,” a type of data more widely collected in software built for character-based languages. Additionally, if you purchase DeepSeek’s premium services, the platform will collect that information. It also uses cookies and other tracking technology to “measure and analyze how you use our services.”

A WIRED review of the DeepSeek website's underlying activity shows the company also appears to send data to Baidu Tongji, Chinese tech giant Baidu's popular web analytics tool, as well as Volces, a Chinese cloud infrastructure firm. In a social media post, Sean O'Brien, founder of Yale Law School's Privacy Lab, said that DeepSeek is also sending “basic” network data and “device profile” to TikTok owner ByteDance “and its intermediaries.

The final category of information DeepSeek reserves the right to collect is data from other sources. If you create a DeepSeek account using Google or Apple sign-on, for instance, it will receive some information from those companies. Advertisers also share information with DeepSeek, its policies say, and this can include “mobile identifiers for advertising, hashed email addresses and phone numbers, and cookie identifiers, which we use to help match you and your actions outside of the service.”

**How DeepSeek Uses Information**

Huge volumes of data may flow to China from DeepSeek’s international user base, but the company still has power over how it uses the information. DeepSeek’s privacy policy says the company will use data in many typical ways, including keeping its service running, enforcing its terms and conditions, and making improvements.

Crucially, though, the company’s privacy policy suggests that it may harness user prompts in developing new models. The company will “review, improve, and develop the service, including by monitoring interactions and usage across your devices, analyzing how people are using it, and by training and improving our technology,” its policies say.

DeepSeek’s privacy policy also says the company will also use information to “comply with \[its\] legal obligations”—a blanket clause many companies include in their policies. DeepSeek’s privacy policy says data can be accessed by its “corporate group,” and it will share information with law enforcement agencies, public authorities, and more when it is required to do so.

While all companies have legal obligations, those based in China do have notable responsibilities. Over the past decade, Chinese officials have passed a series of cybersecurity and privacy laws meant to allow state officials to demand data from tech companies. One 2017 law, for instance, says that organizations and citizens should “cooperate with national intelligence efforts.”

These laws, alongside growing trade tensions between the US and China and other geopolitical factors, fueled security fears about TikTok. The app could harvest huge amounts of data and send it back to China, those in favor of the TikTok ban argued, and the app could also be used to push Chinese propaganda. (TikTok has denied sending US user data to China’s government.) Meanwhile, several DeepSeek users have already pointed out that the platform does not provide answers for questions about the 1989 Tiananmen Square massacre, and it answers some questions in ways that sound like propaganda.

Willemsen says that, compared to users on a social media platform like TikTok, people messaging with a generative AI system are more actively engaged and the content can feel more personal. In short, any influence could be larger. “Risks of subliminal content alteration, conversation direction steering, in active engagement ought by that logic to lead to more concern, not less,” he says, “especially given how the inner workings of the model are widely unknown, its thresholds, borders, controls, censorship rules, and intent/personae largely left unscrutinized, and it being already so popular in its infancy stage.”

Olejnik, of King's College London, says that while the TikTok ban was a specific situation, US law makers or those in other countries could act again on a similar premise. “We can’t rule out that 2025 will bring an expansion: direct action against AI firms,” Olejnik says. “Of course, data collection may again be named as the reason.”

_Updated 5:27 pm EST, January 27, 2025: Added additional details about the DeepSeek website's activity._

_Updated 10:05 am EST, January 29, 2025: Added additional details about DeepSeek's network activity._

DeepSeek’s Popular AI App Is Explicitly Sending US Data to China

Attackers aim to steal people's personal and payment-card data in the campaign, which dangles the threat of an undelivered package and has the potential to reach organizations in more than 50 countries.

Source: Francis Vachon via Alamy Stock Photo

Attackers impersonating the US Postal Service (USPS) are striking again, this time in a widescale mobile phishing campaign that taps people's trust in PDF files. This time it uses a novel evasion tactic to steal credentials and compromise sensitive data in SMS phishing (smishing) attacks.

Discovered by researchers at Zimperium zLabs, the smishing campaign uses malicious SMS messages informing people that their package can't be delivered because of "incomplete address information," they revealed in a blog post published Jan. 27. The messages direct people to click on a PDF file that contains a malicious phishing link, leading them to a landing page that asks them to provide personal details, including name, address, email, and phone number. A further redirection collects people's payment-card data, claiming to require service fees for successful delivery of the package.

"This tactic leverages the perception of PDFs as safe and trusted file formats, making recipients more likely to open them," Zimperium researcher Fernando Ortega wrote in the post.

ZLabs researchers uncovered more than 630 phishing pages, 20 malicious PDF files, and a malicious infrastructure of landing pages related to the campaign, demonstrating a significant scale that potentially could impact organizations across more than 50 countries, he said.

Related:Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers

Moreover, attackers use "a complex and previously unseen technique to hide clickable elements" of the campaign, making it difficult for most endpoint security solutions to properly analyze the hidden links and thus detect the threat, Ortega wrote.

"This strategy highlights the evolving tactics of cybercriminals, who exploit both trusted file formats and advanced evasion methods to deceive users and compromise their data," he wrote.

**Manipulating PDFs to Escape Detection**

Attackers use their knowledge of the back-end composition of PDF files to create a novel evasion tactic that makes the malicious campaign harder for automated security systems to detect as suspicious, the researchers found.

In PDF files, links are typically represented using the /URI tag, which is part of an Action Dictionary object, specifically within a Go-To-URI action, Ortega explained in the post. This instructs a PDF viewer to navigate to a uniform resource identifier (URI), which is usually a Web address (URL).

The PDFs used in this campaign embed clickable links without utilizing the standard /URI tag, "making it more challenging to extract URLs during analysis," Ortega wrote.

"Our researchers verified that this method enabled known malicious URLs within PDF files to bypass detection by several endpoint security solutions," he added. In contrast, these solutions detect the same URLs when the standard /URI tag was used.

Related:Mirai Variant 'Aquabot' Exploits Mitel Device Flaws

"This highlights the effectiveness of this technique in obscuring malicious URLs," Ortega explained.

**Package-Themed Phishing Not New, But Evolving**

Campaigns that impersonate the USPS and other trusted brands are hardly new, as attackers often leverage the urgency that comes with a person waiting for a package or piece of mail as a convincing lure for phishing attacks. One USPS-anchored campaign in October 2023 was linked to Iranian attackers and used close to 200 different domains as infrastructure for the attacks, as an example.

However, the scale and sophisticated evasion tactic used in the latest USPS impersonation effort makes it a notable threat, and part of a disturbing trend to take advantage of "limited mobile device security worldwide," threatening corporate users, one security experts says.

"While organizations have robust email security, the critical tension between finance, HR, and technology teams around mobile devices has created a significant and dangerous gap in protection, leading to underinvestment in web and mobile messaging security despite these becoming primary attack vectors," says Stephen Kowski, field chief technology officer (CTO) at SlashNext Email Security+.

Related:Super Bowl LIX Could Be a Magnet for Cyberattacks

Indeed, organizations need to get a handle on the issue of unsecured mobile devices in the workplace, another expert says. To do this, notes Darren Guccione, CEO and co-founder at Keeper Security, they should adopt a layered security approach that combines employee education with the use of multifactor authentication (MFA) to prevent credential compromise even if a corporate user falls for an attack.

As far as enterprise security goes, he explains, employing zero-trust security frameworks that use privileged access management (PAM) solutions can serve to further mitigate risks "by restricting access to sensitive systems, ensuring only authorized users can interact with critical data."

**About the Author**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

USPS Impersonators Tap Trust in PDFs in Smishing Attack Wave

CISOs are planning to adjust their budgets this year to reflect their growing concerns for cybersecurity preparedness in the event of a cyberattack.

Source: Irina Guzovataya via Alamy Stock Photo

NEWS BRIEF

In 2025, chief information security officers (CISOs) will be directing their attention to becoming more cyber prepared in the event of an attack, by enhancing their crisis simulation capabilities.

That's according to a study conducted by researchers at Hack The Box, which found that out of 200 US- and UK-based CISOs, 74% said they plan to up their crisis simulation budgets this year.

These changes likely stem from rising concerns about the growing number of cyberattacks, the lack of incident-response planning, and inadequate stress-testing of crisis scenarios. Major cyberattacks and cyber incidents have impacted organizations such as NHS, 23andMe, and a host of businesses impacted by the CrowdStrike faulty update in 2024, affecting enterprises on a global level. CISOs are trying to reassess their organizations' capabilities in order to manage the chaos when it inevitably arises.

A full 77% of those surveyed said they would allocate greater budgets for cyber-crisis simulations if the exercises themselves were more realistic and actionable. 

"Preparedness is the foundation of resilience, and crisis simulations play a crucial role in testing organizations security and workforce performance when it's most critical," said Haris Pylarinos, CEO and founder at Hack The Box, in a statement. "Organizations are right to prioritize crisis simulation, and must ensure that these are implemented in the right way."

Also, 73% of survey respondents reported that crisis simulations and incident-response exercises for both their technical and non-technical teams were their top business priority this year.

Pylarinos highlighted that crisis simulation will continue to evolve, pairing artificial intelligence with expert knowledge in order to provide tailored and realistic scenarios that reflect challenges that security teams and management will face on digital front lines. "It will unite previously disparate business units as one," he said, "and allow real-world performance to be benchmarked in a controlled environment."

**About the Author**

Skilled writer and editor covering cybersecurity for Dark Reading.

Tag

#auth