Appdome Preempts DeepSeek Attacks on Mobile Devices

New Dynamic Defense Plugins Ensure the Enterprise is Secure from DeepSeek Attacks

REDWOOD CITY, Calif., Feb. 25, 2025 /PRNewswire/ -- Appdome, the leader in protecting mobile businesses, today announced that new dynamic defense plugins are available on its AI-Native Defense platform to detect and defend against DeepSeek AI attacks on Android & iOS devices. The new plugins allow enterprises to safeguard mobile enterprise apps, harden remote access and protect mobile work from DeepSeek spyware.

The new plugins use behavioral analytics to detect unusual file access, data extraction, user monitoring, and unusual network traffic to external AI servers performed by DeepSeek. Like all Appdome defenses, the new dynamic defense plugins targeting DeepSeek attacks are available by choice using the Appdome platform without the need to integrate code, perform manual coding, implement SDKs, or deploy servers.

DeepSeek, a free, AI-powered chatbot mobile app, has grown in popularity quickly. It has also created a huge risk for enterprises and governments using mobile devices and apps in the workforce. For example, reports have surfaced that DeepSeek can be used as spyware to harvest and send user data to China without the user's knowledge. Likewise, users can unknowingly or accidentally post sensitive information to DeepSeek, creating data leakage risks for corporate data and sensitive documents.

Recognizing the severity of the threat posed by DeepSeek, some enterprises have banned the use of DeepSeek for work purposes. Likewise, several government agencies, including in the United States and South Korea have introduced legislation to ban the use of DeepSeek on mobile devices used for government purposes. However, these bans are without teeth because – without Appdome – there is no way to detect DeepSeek on a mobile device, particularly a BYOD mobile device in an enterprise setting. And there's no way to detect if DeepSeek is being used as spyware or if users share sensitive data via DeepSeek.

"The explosive popularity of DeepSeek AI creates a serious and immediate risk to the mobile enterprise," said Tom Tovar, co-creator and CEO of Appdome. "If you're one of the many who believe DeepSeek poses a risk to your mobile workforce or consumers, now you have a way to detect and prevent DeepSeek from infiltrating your mobile apps or exposing your data."

Appdome's new Detect DeepSeek Attack plugins are particularly powerful in enterprise use cases such as mobile apps for work, enterprise apps, and Bring Your Own Device (BYOD) mobile strategies. When deployed in an enterprise app, the defense will detect an active DeepSeek session on the device and offer enterprises and B2B mobile app makers multiple enforcement options to mitigate the DeepSeek risk. Appdome's new DeepSeek detection can be deployed stand alone or in combination with other defenses to detect DeepSeek being used as spyware and when employees post content to DeepSeek.

"As organizations race to embrace AI throughout the workforce and DeepSeek grows in popularity, enterprises need an early warning system to detect when specific AI tools are in use," said Chris Roeckl, Chief Product Officer at Appdome. "Today that threat comes from DeepSeek and tomorrow it could be another AI tool. No matter what, cyber organizations and IT need to be able to enforce policies regarding AI use responsibly."

In published cases, DeepSeek exposed users to unauthorized data collection, weak encryption practices, and potential surveillance by state-linked entities. Security analyses reveal that DeepSeek transmits user data without proper encryption, employs outdated cryptographic algorithms, and lacks robust anti-tampering protections, making it vulnerable to reverse engineering. Beyond these published risks, attackers can expedite the runtime analysis of potential victim apps by feeding DeepSeek with memory dumps, encrypted files, and server responses directly on the device. This could also enable runtime memory extraction, allowing attackers to scan active memory for cryptographic keys, authentication tokens, and decrypted session data, compromising financial transactions and authentication flows.

Additionally, DeepSeek may facilitate dynamic code injection by identifying unprotected vectors, enabling attackers to bypass security controls like root detection and anti-debugging, manipulate app behavior, and intercept sensitive interactions without persistent malware. The creators of DeepSeek have set guardrails designed to prevent using the AI model for malicious purposes, however, during the analysis of this model multiple "jailbreaks" were found that allow circumventing security restrictions.

"If you use mobile in the workforce, then you need to safeguard your organization against DeepSeek," said Kai Kenan, VP of Cyber Research at Appdome. "Users, even informed users, can download DeepSeek AI onto BYOD or shared devices used in highly sensitive operations. With Appdome DeepSeek detection, there's no reason to be in the dark about the use or infiltration of DeepSeek in the enterprise."

Learn more about Appdome AI-Native defense for DeepSeek AI threats.

About Appdome
Appdome's mission is to protect every mobile business and user in the world from scams, fraud, bots, and hackers. Mobile businesses, mobile apps, mobile platforms, operating systems, and threats constantly change. Appdome's patented AI-Native XTM Platform is designed to instantly accommodate these changes by automating every aspect of mobile application and business defense – from design to build, certification, monitoring, response, support, and resolution. Appdome uses AI to deliver a growing list of 10,000s of dynamic defense plugins created to address 400+ mobile app security, anti-fraud, bot defense, anti-malware, geo compliance, social engineering, deep fake and other attack vectors on demand. Mobile applications that are built using Appdome are Certified Secure™ at build time, eliminating the need for coding, SDKs, server attestation, work, and complexity in the cyber defense lifecycle. Appdome also uses AI inside its ThreatScope™ Mobile XDR, to continuously calculate a Mobile Risk Index™ for businesses and applications as well as rank and preempt attacks in real-time. In Appdome's Threat Resolution Center™, Appdome uses GenAI to provide customer support and care teams a quick and easy way to provide end-user threat resolution and remediation. All of Appdome's in-app and bot defenses can be used with Appdome's Threat-Events™ intelligence framework. This framework gathers threat and attack metadata, and is used to inform the application, application SDKs and back end network components when threats are present or to create customized threat responses inside Android & iOS apps. As a platform, Appdome also functions as a continuous compliance center, tracking all builds, changes, teams, users, defense configurations, events and more for quick and easy audit of the mobile defense lifecycle. Appdome holds several patents including U.S. Patents 9,934,017 B2, 10,310,870 B2, 10,606,582 B2, 11,243,748 B2 and 11,294,663 B2. Additional patents pending.

View original content to download multimedia:https://www.prnewswire.com/news-releases/appdome-preempts-deepseek-attacks-on-mobile-devices-302382752.html

SOURCE Appdome