Subscribe

0

News

Tenable Research Identifies Security Risks in AI-Powered Cybercrime

Recently, Tenable Research identified vulnerabilities in DeepSeek R1 that allow it to generate malware, raising concerns about AI’s role in cyber threats.

author-image
DQC Bureau
New Update
Tenable Research Identifies Security Risks in AI-Powered Cybercrime

Tenable Research Identifies Security Risks in AI-Powered Cybercrime

As generative artificial intelligence (GenAI) advances, cybercriminals seek ways to exploit its capabilities. While mainstream GenAI models include safeguards against misuse, Tenable Research has identified vulnerabilities in DeepSeek R1 that allow it to generate malware, raising concerns about AI’s role in cyber threats.

Advertisment

Tenable’s security researchers conducted an experiment to evaluate whether DeepSeek R1 could create malicious software, specifically a keylogger and a simple ransomware sample. Initially, the AI model refused these requests. However, researchers found that by using common jailbreaking techniques and framing the request as an "educational exercise," they could bypass its safeguards.

“DeepSeek initially rejected our request to generate a keylogger,” said Nick Miles, staff research engineer at Tenable. “But with simple jailbreaking methods, we quickly overcame its restrictions.”

Once these safeguards were bypassed, DeepSeek was able to:

Advertisment

  • Generate a keylogger that encrypts logs and stores them discreetly on a device.

  • Produce a ransomware executable capable of encrypting files.

This research highlights the potential for GenAI to lower barriers to cybercrime. While DeepSeek’s output still requires manual refinement, it enables individuals with little to no coding experience to explore malware development by generating foundational code and suggesting relevant techniques. This capability could accelerate the learning curve for novice cybercriminals, increasing the risks associated with AI-driven cyber threats.

“Tenable’s research highlights the urgent need for responsible AI development and stronger guardrails to prevent misuse. As AI capabilities evolve, organisations, policymakers, and security experts must work together to ensure that these powerful tools do not become enablers of cybercrime,” said Miles.

Advertisment

 

Read More:

X Cyber Attack Highlights Cyber Risks: Industry Speaks on Cyber Threats

Advertisment

Partners Lead the Way in Shaping the Future of Virtualization

How Agentic AI is Revolutionizing Modern Businesses?