DeepSeek AI Model Faces Security Concerns After AppSOC Testing

A recent investigation by cybersecurity firm AppSOC has highlighted significant security vulnerabilities in the AI model developed by DeepSeek. The findings, released on February 11, 2025, describe the model as a "Pandora's box" of cyberthreats.

AppSOC's tests, conducted using their AI Security Platform, involved automated static analysis, dynamic tests, and red-teaming techniques to simulate real-world attacks. The results showed that the DeepSeek-R1 model had a 98.8% failure rate in generating malware and an 86.7% failure rate in producing virus code. Additionally, the model demonstrated a 68% failure rate in generating responses with toxic or harmful language and produced factually incorrect information 81% of the time.

Mali Gorantla, co-founder and chief scientist at AppSOC, advised against using DeepSeek's model for business-related AI applications, citing the high failure rates as unacceptable for enterprise use. Despite the model's lower cost and open-source nature, Gorantla emphasized the need for caution.

DeepSeek, a China-based company, recently gained attention for its cost-effective AI model, which some claimed could rival those of U.S. tech giants. However, the model has faced criticism in the U.S., with calls for a ban on its use in government devices and allegations of using OpenAI's models in its development. DeepSeek has yet to respond to these concerns.