DeepSeek R1 AI Can Generate Malware Despite Built-in Restrictions

Tenable researchers found that DeepSeek R1 can generate malware, raising concerns about AI’s role in cybercrime. Jailbreak techniques bypassed its ethical restrictions.

Tenable’s research team tested DeepSeek R1’s ability to create two common types of malware: keyloggers, which record keystrokes secretly, and ransomware, which encrypts files and demands payment for their release.

Initially, DeepSeek R1 adhered to ethical restrictions, refusing direct requests for malware. However, researchers bypassed these safeguards using a “jailbreak” method, framing their requests as “educational purposes.”

A key feature of DeepSeek R1 is its “chain-of-thought” (CoT) reasoning. This allows the AI to break down complex tasks into smaller steps, mimicking human problem-solving. When prompted, DeepSeek R1 outlined a plan for a keylogger, generating a C++ code sample.

However, the initial code contained errors, including incorrect function calls and missing components. The AI was unable to fix these issues on its own, but after some manual corrections, the keylogger became operational, successfully logging keystrokes to a file.

Researchers then tested DeepSeek R1’s ability to improve the malware. When asked how to better conceal the log file, it suggested encryption techniques. Again, the AI provided flawed but helpful code, which the researchers refined into a working implementation.

The team also examined whether DeepSeek R1 could create ransomware. As with the keylogger, the AI outlined an attack strategy and produced several code samples. However, none were immediately functional. After adjustments, the ransomware could search for files, encrypt them, and ensure it remained active after system restarts.

Despite requiring human intervention, Tenable’s research suggests that DeepSeek R1 significantly lowers the technical barriers for cybercriminals. “We successfully used DeepSeek to create a keylogger that could hide an encrypted log file on disk as well as develop a simple ransomware executable,” the researchers stated.

Tenable warns that DeepSeek R1 is likely to contribute to the increasing use of AI-generated malware. While it lacks full automation, it provides a powerful resource for attackers with basic coding knowledge to refine their techniques.