Cybersecurity researchers have discovered that cybercriminals are exploiting the growing popularity of DeepSeek, a Chinese artificial intelligence platform, to distribute malware through fake Google ads.

According to a new report by Malwarebytes, individuals searching for DeepSeek on Google are being exposed to malicious sponsored ads that mimic the official AI platform. When users click these ads, they are redirected to a fraudulent website designed to look nearly identical to the real one.

Fake site pushes dangerous trojan

The fake website contains a download button that secretly installs a trojan identified as Malware.AI.1323738514. This malware, based on Microsoft Intermediate Language (MSIL), can bypass some security protocols and compromise users’ devices.

Malwarebytes researchers warned that this campaign is highly deceptive due to the professional appearance of the fake site and the use of Google-sponsored ads to lure unsuspecting users.

“If you don’t want to see sponsored ads at all, it’s worth considering installing an ad-blocker that will make sure you go straight to the regular search results,” the alert advised.

DeepSeek under increasing scrutiny in the U.S.

This malware campaign comes amid growing concerns over DeepSeek’s data privacy practices. Last month, the state of Texas became the first U.S. state to officially ban DeepSeek, along with Chinese social apps RedNote and Lemon8, from all state-owned devices.

Texas lawmakers cited national security and data protection risks as the primary reasons behind the ban, reflecting a wider trend in the U.S. toward limiting Chinese tech platforms over fears of surveillance and data misuse.

How users can stay protected

Cybersecurity experts strongly urge users to avoid clicking on sponsored search results when looking for software or tools, especially lesser-known or foreign-developed platforms. Instead, they recommend typing URLs directly into the address bar or using verified links from official sources.

Users should also:

• Double-check the website’s URL for subtle changes or typos.

• Use browser security features or antivirus tools that flag malicious links.

• Enable ad blockers to reduce exposure to fake sponsored listings.

• Be cautious of pop-up prompts or download buttons that seem too polished or urgent.

Final thoughts

As DeepSeek gains popularity, it has also attracted the attention of cybercriminals looking to exploit users through fake advertising and malware campaigns. With rising tensions around data privacy and foreign tech, users must remain cautious and informed.

Avoiding sponsored results and installing basic security tools can go a long way in staying safe online. As the threat landscape evolves, digital awareness is just as important as antivirus software.