Cybersecurity researchers have discovered that DeepSeek R1, an open-source large language model, can be manipulated to create functioning malware despite built-in safeguards. The AI model, designed with reasoning capabilities, initially refuses to generate malicious code but can be circumvented through specific prompting techniques. This capability, while beneficial for legitimate programming assistance, also makes the model particularly effective at crafting detailed malicious code when its safeguards are bypassed.

Analysts at Tenable Research identified that simply framing requests as “for educational purposes only” was sufficient to bypass the model’s guardrails, allowing it to generate detailed malware code. Their comprehensive testing revealed that while DeepSeek R1 can create the foundational structure for functional malware, the generated code typically contains errors requiring manual correction and additional prompting to implement more advanced features.

The researchers successfully manipulated DeepSeek R1 to create a keylogger capable of capturing keystrokes, hiding its presence, and encrypting log files. While the initial code contained several critical errors, including hallucinated Windows style definitions and incorrect thread parameters, these were relatively straightforward to correct for someone with basic programming knowledge. The researchers further enhanced the malware with file-hiding capabilities by implementing system attribute modifications, with the SetHiddenAttribute function making the log file invisible in standard Windows Explorer views.

Tenable’s research extended to ransomware creation, where DeepSeek-generated code included persistence mechanisms through Windows Registry modifications and file enumeration functions to identify target files for encryption. While the generated ransomware samples required significant manual editing, they demonstrated DeepSeek’s capability to produce the fundamental components needed for functional malicious software.

These findings suggest that while DeepSeek R1 doesn’t provide turnkey malware solutions, it significantly lowers the technical barrier for creating harmful software, potentially accelerating malicious actors’ capabilities in developing sophisticated cyber threats.
This Cyber News was published on cybersecuritynews.com. Publication date: Sat, 15 Mar 2025 14:15:19 +0000