‘BrowserVenom’ is pure poison.
Suspected cybercriminals have created a fake installer for the Chinese AI model DeepSeek-R1 and are using it to deliver previously unknown malware called “BrowserVenom”.
The malware’s name reflects its ability to route all browser traffic through a server controlled by the attacker.
This allows fraudsters to steal data, monitor browsing activity and potentially expose plaintext traffic. So website credentials, session cookies, financial account information and sensitive emails and documents are all at risk – exactly the kind of information that fraudsters are looking for to commit digital fraud and/or sell to other criminals.
So far, the malware has infected several computers in Brazil, Cuba, Mexico, India, Nepal, South Africa and Egypt. Kaspersky, which detected a phishing campaign that spreads malware by sending victims to a fake website that resembles the real DeepSeek homepage, said the malware remains a “global threat”.
While the malware used in this campaign is new, the tactic of using interest in AI to spread nasty payloads is becoming increasingly common.
These campaigns use phishing sites with domain names slightly different from those run by real AI providers, and criminals use malicious ads and other tactics to make them appear prominently in search engine results. But instead of the promised chatbot or AI tool, they infect unwitting victims with everything from credential- and wallet-stealing malware to ransomware and Windows patches.
For this campaign, the URL https[:]//deepseek-platform[.]com was used.
The criminals advertised this address to many potential victims by buying ads from Google, so it appeared as the number one result when users searched for “deepseek r1”.
Google says it has removed the attack ads. “Prior to the publication of this report, we detected this malware campaign and suspended the advertiser’s account,” a Google spokesperson told The Register.
When Windows users access the site, it prompts them to click on a button that says “Try now”. Kaspersky found that users on other platforms are similarly presented with misleading buttons with different wording.
Clicking the button takes the user to a CAPTCHA screen, which gives the site the appearance of legitimacy. The page also contains hidden JavaScript to check that the user is not a bot, so that scammers know they have found someone worth hitting.
Once the victim has solved the CAPTCHA, they are redirected to a download page with a “Download Now” button. Clicking on it downloads the malicious installer, AI_Launcher_1.21.exe, from this domain: https[:]//r1deepseek-ai[.]com/gg/cc/AI_Launcher_1.21.exe.
According to Kaspersky, the code on the scammers’ site contains comments in Russian, suggesting that they speak Russian. However, the security firm has not linked this campaign to a specific cybercriminal group or individual.
When the installer runs, it opens another window that mimics the Cloudflare CAPTCHA (also a fake) and once again checks that the victim is human. Next, the malware redirects the user to a screen offering to download and install either Ollama or LM Studio to run DeepSeek. It doesn’t matter which one they click on: both trigger the BrowserVenom infection.
When the malware runs, it first checks whether the user has administrator rights. If not, the malware will stop.
For those deemed worthy of infection, BrowserVenom installs a hard-coded certificate generated by the attacker, giving criminals permanent access and allowing traffic interception.
BrowserVenom also adds a hard-coded proxy server address to all currently installed and running browsers, which likewise lets the malware’s operators monitor the victims’ traffic.
From there, the criminals carry out their malicious activity.
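The proxy hijack described above, as an added defender-side check that is not part of this article or of Kaspersky’s analysis: it scans a Firefox prefs.js/user.js fragment and a Chromium-style browser command line for proxy settings that point outside an allowlist. The article does not say which files or flags BrowserVenom modifies, so the locations checked here (Firefox network.proxy.* prefs, Chromium --proxy-server/--proxy-pac-url flags) are assumptions, and the sample inputs are constructed.

```python
import re

# Constructed sample of a Firefox prefs.js / user.js fragment (not taken from the article).
SAMPLE_FIREFOX_PREFS = '''
user_pref("browser.startup.homepage", "about:home");
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "203.0.113.10");
user_pref("network.proxy.http_port", 8080);
user_pref("network.proxy.ssl", "203.0.113.10");
user_pref("network.proxy.ssl_port", 8080);
'''

# Constructed sample of a Chromium-family command line (as read from a shortcut or a running process).
SAMPLE_CHROMIUM_CMDLINE = (
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" '
    r'--proxy-server=203.0.113.10:8080 --no-first-run'
)

PREF_RE = re.compile(r'user_pref\("(network\.proxy\.[\w.]+)",\s*"?([^"\)]*)"?\);')
HOST_PREFS = {"network.proxy.http", "network.proxy.ssl",
              "network.proxy.socks", "network.proxy.autoconfig_url"}
CHROMIUM_RE = re.compile(r'--(proxy-server|proxy-pac-url)=("[^"]*"|\S+)')


def firefox_proxy_findings(prefs_text, allowed_hosts=()):
    """Return (pref, value) pairs that force a manual/PAC proxy or name a host outside allowed_hosts."""
    findings = []
    for pref, value in PREF_RE.findall(prefs_text):
        # Firefox proxy.type: 0 = none, 1 = manual, 2 = PAC URL, 4 = WPAD, 5 = system settings (default).
        if pref == "network.proxy.type" and value in ("1", "2"):
            findings.append((pref, value))
        elif pref in HOST_PREFS and value and value not in allowed_hosts:
            findings.append((pref, value))
    return findings


def chromium_proxy_findings(cmdline, allowed_hosts=()):
    """Return (flag, value) pairs for proxy flags whose value names no allowed host."""
    findings = []
    for flag, value in CHROMIUM_RE.findall(cmdline):
        value = value.strip('"')
        # Substring match so scheme-qualified lists like "http=a:80;https=b:443" are handled too.
        if not any(host in value for host in allowed_hosts):
            findings.append(("--" + flag, value))
    return findings


if __name__ == "__main__":
    for hit in firefox_proxy_findings(SAMPLE_FIREFOX_PREFS) + chromium_proxy_findings(SAMPLE_CHROMIUM_CMDLINE):
        print("suspicious browser proxy setting:", hit)
```

On a real host, feed the functions the contents of each profile’s prefs.js/user.js and the command lines of browser shortcuts and running browser processes; an unexpected root certificate should be checked separately against the certificate store.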