Cybersecurity Newsflash: Researchers find security vulnerabilities in DeepSeek for iOS

On January 20, Chinese startup DeepSeek sent shockwaves across the global AI sector — and for that matter, multiple financial markets — after claiming that its new reasoning model series dubbed “R1” could operate much cheaper, and use far less energy, than AI-powered chatbots developed by tech giants OpenAI and Google.

Now, less than a month after its unprecedented unveiling, DeepSeek tremors are once again rippling across the world. But this time, they didn’t stem from a savvy marketing event. Rather, they were triggered by an urgent warning from mobile app security vendor NowSecure.

Multiple security and privacy risks

On February 6, NowSecure researchers published the findings of a comprehensive analysis that revealed multiple security and privacy risks in DeepSeek’s iOS app. These vulnerabilities include:

• Unencrypted data transmission: The app transmits sensitive data over the internet without encryption, which makes it vulnerable to interception and manipulation.
• Weak and hardcoded encryption keys: The app uses outdated Triple DES encryption, reuses initialization vectors, and hardcodes encryption keys — all of which violate established security best practices for safeguarding data.
• Insecure data storage: The app insecurely stores username, password, and encryption keys, which increases the risk of credential theft.
• Extensive data collection: The app collects user and device data, which can be used by bad actors for tracking and re-identifying anonymous data.
• Data is sent to China: App users may be unaware that their data is transmitted to servers controlled by ByteDance, which is the Chinese company that owns TikTok. This raises concerns about data governance practices under Chinese jurisdiction, including warrantless surveillance.
• Disabled iOS privacy controls: The app bypasses Apple’s security features and lacks mandatory privacy manifests, which increase exposure to tracking and fingerprinting.

Until these vulnerabilities are resolved, NowSecure is calling on all organizations to immediately ban the use of DeepSeek, which has been downloaded millions of times since its release, and is currently the 3rd most popular “productivity” app in the App Store (after several days at #1). Instead, organizations should find an alternative AI solution that offers similar functionality, yet with better security, privacy, and data governance practices.

NowSecure is further advising organizations that do not want to, or cannot, replace DeepSeek at this time to reduce their risk exposure by leveraging an open source model with a hosted solution, or deploying a self-hosting model.

Android users: beware

NowSecure’s founder Andrew Hoog has said that while his research team has not yet finished their in-depth analysis of DeepSeek for Android, he believes that the basic design should be functionally similar to the iOS version. If this turns out to be the case, then most or all of the same vulnerabilities would be present.

Additional concerns

NowSecure isn’t the only company that is sounding alarms about DeepSeek’s security:

• Researchers at Check Point Software found that bad actors are leveraging DeepSeek and Quen (a collection of large language models developed by Alibaba Cloud) to develop malicious content.
• Researchers at Cisco found that DeepSeek exhibited a 100% attack success rate, which means that it failed to block a single harmful prompt.
• Researchers at Wiz found that a publicly accessible database belonging to DeepSeek allowed full control over database operations, including the ability to access internal data including a million lines of log streams with highly sensitive information.

While these vulnerabilities do not directly pertain to DeepSeek’s iOS app, they nevertheless raise some troubling questions about the company’s security profile, policies, and practices that need to be answered.

Insight & advice from Devolutions’ Operations Security Specialist William Matos

These findings by NowSecure researchers are serious, and are prompting several countries and organizations around the world to ban or investigate DeepSeek due to its potential privacy and security risks.

At Devolutions, security is our top priority, and has been since day one. We do not compromise or take short-cuts when it comes to safeguarding data in transit or at rest, or protecting the privacy and confidentiality of our users. To put this another way: we take security as seriously as our global community of users, many of whom are highly experienced InfoSec security professionals.

Below is a comparison of security features in Devolutions Password Hub vs. DeepSeek iOS (note: while Devolutions Password Hub is a cloud-based password management solution and DeepSeek is an AI-powered chatbot, this overview clearly illustrates our enhanced commitment to security and protecting user data):

• Encryption Strength Devolutions Password Hub: AES-256 & TLS 1.2/1.3 for data protection DeepSeek iOS: Weak encryption (3DES, hardcoded keys)

• Data Transmission Security Devolutions Password Hub: Fully encrypted end-to-end DeepSeek iOS: Unencrypted data transmitted over the internet

• Cloud Infrastructure Devolutions Password Hub: Hosted on secure and compliant cloud platforms (ISO 27001, SOC2) DeepSeek iOS: Sends data to Volcano Engine (ByteDance servers)

• Zero-Knowledge Architecture Devolutions Password Hub: No one (not even Devolutions) can access stored passwords DeepSeek iOS: Collects user and device data without consent

• Compliance & Privacy Devolutions Password Hub: GDPR, SOC 2, ISO 27001 compliant DeepSeek iOS: Bypasses Apple security (ATS), violating best practices

• Data Ownership & Control Devolutions Password Hub: User-controlled, all data belongs to the organization DeepSeek iOS: Data stored on external servers, outside user control

In addition, Devolutions does not operate on “security by obscurity.” Transparency is one of our company’s most fundamental values, and is demonstrated in multiple ways such as:

• Our cryptographic library is open-sourced and available online on Github for public scrutiny.
• We regularly publish third-party security reports and certifications such as ISO/IEC 27001 and SOC2 in the Security & Compliance section of our website.
• We list advisories for all known security vulnerabilities on our website. Each advisory includes remediation and workarounds, a severity level score per the Common Vulnerability Scoring System (CVSS), and a Common Vulnerabilities and Exposures (CVE) number. Users can also subscribe to receive the latest advisories by email.
• We run a Bug Bounty program that encourages and incentivizes researchers to try to “attack and break” our products, so that we can proactively fortify vulnerabilities and fix coding/programming errors.
• All current and prospective users are invited to contact us with any security-related questions about our solutions, or about our organization’s policies and practices.

Looking ahead

In just a few weeks, DeepSeek has dramatically changed and accelerated the AI race. However, ​the potential and promise of AI-powered chatbots — which include but are certainly not limited to DeepSeek — can only be fully realized when they are fundamentally rooted in robust security. It is therefore up to vendors, governments, and members of the global security community (a prime example of which is the excellent work by NowSecure researchers in this case) to ensure that high security standards are consistently met.

Ultimately, we must not lose sight of the truth that, regardless of whether it is hailed as “breakthrough”, “game-changing”, “transformative”, or anything else lofty and exciting, a product that by design or neglect puts user data at risk, and undermines their trust and confidence, is not (yet) a beneficial solution to adopt — it is a serious problem to fix.

Share your thoughts

We invite you to share your thoughts, experiences, and predictions regarding DeepSeek, or any other AI-powered chatbot. Please comment below.