Cyber security company is a warning of business and non -popular apps from the AI Generation DeeSek company, saying that the program has many safety vulnerabilities that may compromise the user data.
The DEESEEK app, which shocked the stock market when moving to the top of the Apple App Store. In January, sending information that does not encrypted the internet and collecting users, passwords and other unsafe identity information. Analysis At the mobile security company now
The vulnerability that the company found to affect the mobile app, which many users access to the deepsek's AI model is not the model itself, which can be used by local user devices or through separate hosting platforms.
“Since the mobile app has changed quickly and is a surface that has no protection, so they have a real risk to the company and consumers.” NOWSECURE wrote “DEESPSEEK is a high details. But unique “
Analysis of the performance of the DEESEEK app on the real phone. Now, the iPhone version comes with important safety features designed by Apple.
“DEESEEK iOS app around the world disables the Security Security (ATS) app, which is a defense of iOS platform that prevents delicate information from being transmitted through the non -encrypted channel” Written Analysts “due to This prevention is disabled, the app therefore can send information that does not encrypt the internet –
Lack of encryption may make users sensitive to the attack on the middle level, which someone who controls the network that communicates devices can see or change communication between users and server DEESEEK.
NOWSECURE also found that in some cases, the DEESEEK app is a delicate information, including the name of the user and password in a file that does not enter the device on the device that may be examined by attackers who have access to physical devices or Long distance
Other vulnerabilities specified at the moment are more common in the mobile app. For example, analysts indicate that DEESEK gathered a variety of information about networks and equipment that the apps are used, which can be combined with other data and is used by brokers, data or actors that are more innocent to monitor and inspect the users.
The NOWSECURE reported when many of the governments prohibit their employees from the use of DEESPEK due to the safety and the fact that the company is located in China.
On Monday, New York Governor Kathy Hochul announce State employees are out of the use of DEESEEK models on their device.
Congress is Is considered now The billing certificate that will prohibit at the federal and government levels of South Korea, Australia and Taiwan already. Block access To the DeepSHEK model on the device officially