cross-posted from: https://lemmy.sdf.org/post/31583546
Security researcher Tenable successfully used DeepSeek to create a keylogger that could hide an encrypted log file on disk as well as develop a simple ransomware executable.
At its core, DeepSeek can create the basic structure for malware. However, it is not capable of doing so without additional prompt engineering as well as manual code editing for more advanced features. For instance, DeepSeek struggled with implementing process hiding. “We got the DLL injection code it had generated working, but it required lots of manual intervention,” Tenable writes in its report.
“Nonetheless, DeepSeek provides a useful compilation of techniques and search terms that can help someone with no prior experience in writing malicious code the ability to quickly familiarize themselves with the relevant concepts.”
“Based on this analysis, we believe that DeepSeek is likely to fuel further development of malicious AI-generated code by cybercriminals in the near future.”
deleted by creator
“Nonetheless, DeepSeek provides a useful compilation of techniques and search terms that can help someone with no prior experience in writing malicious code the ability to quickly familiarize themselves with the relevant concepts.”
deleted by creator
I’m firmly on the side of don’t censor the ai. If people want malware they will figure out how to do it (most likely git clone). I’ve been playing with the dolphin r1 recently and its quite effective.
Totally agree—security that’s painful for users but blind to real risks ends up doing more harm than good. Platforms like cyberupgrade.net try to fix that by automating employee training and flagging risky behavior without turning every login into an obstacle course.
