1 Static Analysis of The DeepSeek Android App
Albertha Tribolet edited this page 2025-02-10 22:01:37 +08:00


I a fixed analysis of DeepSeek, a Chinese LLM chatbot, using variation 1.8.0 from the Google Play Store. The goal was to identify potential security and utahsyardsale.com personal privacy concerns.

I've blogged about DeepSeek previously here.

Additional security and privacy concerns about DeepSeek have actually been raised.

See likewise this analysis by NowSecure of the iPhone variation of DeepSeek

The findings detailed in this report are based simply on static analysis. This means that while the code exists within the app, there is no conclusive evidence that all of it is performed in practice. Nonetheless, the presence of such code warrants examination, especially provided the growing concerns around information personal privacy, monitoring, the possible misuse of AI-driven applications, and cyber-espionage dynamics in between worldwide powers.

Key Findings

Suspicious Data Handling & Exfiltration

- Hardcoded URLs direct data to external servers, raising issues about user activity monitoring, such as to ByteDance "volce.com" endpoints. NowSecure determines these in the iPhone app yesterday also. - Bespoke file encryption and information obfuscation techniques exist, with indicators that they might be used to exfiltrate user details.