Critical vulnerabilities have been disclosed in the DeepSeek iOS application, raising concerns about privacy and national security risks.
The application, which has been the top iOS download since January 25, 2025, transmits sensitive user data without adequate protection to servers controlled by ByteDance, the Chinese company behind TikTok.
Notably, the discovery has prompted swift bans from governments and organizations around the world.
DeepSeek iOS application sends unencrypted data
The NowSecure report highlights several alarming flaws in the DeepSeek iOS application:
- Unencrypted data transmission: Sensitive user and device data is sent over insecure channels, exposing it to interception and manipulation. This flaw is exacerbated by the application globally disabling iOS App Transport Security (ATS), a built-in protection designed to enforce encrypted communications.
- Weak encryption practices: The application uses the obsolete Triple DES (3DES) cipher with hard-coded keys and reused initialization vectors (IVs). These practices violate modern security standards and leave encrypted data vulnerable to decryption by attackers.
- Insecure data storage: Critical information such as usernames, passwords and encryption keys is stored insecurely on devices, increasing the risk of credential theft.
- Extensive data collection and fingerprinting: The application collects detailed user and device data, including device names, operating system details and network configurations. This data can be aggregated to track users and facilitate surveillance.
- Data sent to China: User data is transmitted to ByteDance's Volcengine servers, which are governed by Chinese law and may be compelled to disclose data to the government. This raises significant compliance and surveillance concerns for companies and governments using the application.
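To make the encryption finding concrete, the following is an added example written for this article; it is not code from the NowSecure report or from the DeepSeek application. `WeakEncrypt` reproduces the pattern the report describes, 3DES in CBC mode with a key baked into the binary and an IV that never changes, using a constructed key and IV rather than any value from the app. `Encrypt` and `Decrypt` show the replacement a reviewer would expect, AES-256-GCM with a per-message random nonce and a key generated at runtime. `CommonPrefixBlocks` measures what the fixed IV gives away: two records that share a plaintext prefix produce ciphertexts that share the same leading blocks, and re-encrypting the same record yields the identical ciphertext, so an observer of stored or transmitted data can compare records without the key.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// --- Weak pattern, constructed to mirror the report's description ---

// hardcodedKey and fixedIV are constructed illustration values; they are
// not taken from the DeepSeek application.
var hardcodedKey = []byte("0123456789abcdefghijklmn") // 24 bytes: three 8-byte DES subkeys
var fixedIV = make([]byte, des.BlockSize)            // the same all-zero IV on every call

// pkcs7Pad pads b to a whole number of blocks.
func pkcs7Pad(b []byte, size int) []byte {
	n := size - len(b)%size
	return append(b, bytes.Repeat([]byte{byte(n)}, n)...)
}

// WeakEncrypt is 3DES-CBC with a key in the code base and an IV that never
// changes, so its output is a deterministic function of the plaintext.
func WeakEncrypt(plaintext []byte) ([]byte, error) {
	block, err := des.NewTripleDESCipher(hardcodedKey)
	if err != nil {
		return nil, err
	}
	padded := pkcs7Pad(append([]byte{}, plaintext...), block.BlockSize())
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, fixedIV).CryptBlocks(out, padded)
	return out, nil
}

// --- Hardened replacement: AES-256-GCM with a per-message random nonce ---

// NewKey generates a fresh 256-bit key; in an app it belongs in the
// Keychain, never in the binary.
func NewKey() ([]byte, error) {
	key := make([]byte, 32)
	_, err := rand.Read(key)
	return key, err
}

// Encrypt returns nonce || ciphertext || tag. A random nonce per message
// means identical plaintexts produce unrelated ciphertexts.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt reverses Encrypt and fails closed if the data was tampered with.
func Decrypt(key, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(data) < gcm.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short")
	}
	nonce, ct := data[:gcm.NonceSize()], data[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil)
}

// CommonPrefixBlocks counts the leading blocks two ciphertexts share. With a
// fixed IV, CBC reveals how long a common plaintext prefix is.
func CommonPrefixBlocks(a, b []byte, blockSize int) int {
	n := 0
	for ; (n+1)*blockSize <= len(a) && (n+1)*blockSize <= len(b); n++ {
		if !bytes.Equal(a[n*blockSize:(n+1)*blockSize], b[n*blockSize:(n+1)*blockSize]) {
			break
		}
	}
	return n
}

func main() {
	m1 := []byte("user=alice;role=admin") // constructed sample records
	m2 := []byte("user=alice;role=guest")
	w1, _ := WeakEncrypt(m1)
	w2, _ := WeakEncrypt(m2)
	fmt.Println("3DES-CBC, fixed IV:", hex.EncodeToString(w1))
	fmt.Println("                   ", hex.EncodeToString(w2))
	fmt.Println("shared leading blocks:", CommonPrefixBlocks(w1, w2, des.BlockSize))

	key, _ := NewKey()
	g1, _ := Encrypt(key, m1)
	g2, _ := Encrypt(key, m1) // same plaintext twice
	fmt.Println("AES-GCM, same record twice, identical ciphertexts?", bytes.Equal(g1, g2))
}
```

The two sample records differ only after their sixteenth byte, so under the weak scheme their first two 8-byte ciphertext blocks are identical; under AES-GCM the outputs are unrelated, and flipping a single byte of the ciphertext makes `Decrypt` return an error instead of corrupted plaintext.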
During their analysis, the researchers discovered specific technical flaws:
- Unencrypted network requests: Requests to certain endpoints send identifiable user data without encryption, leaving them susceptible to man-in-the-middle (MITM) attacks.
- Hard-coded encryption keys: Using tools such as Frida and Radare2, the researchers identified hard-coded keys in the application's code base.
- Usernames, passwords and encryption keys stored insecurely: The device's cache database contained sensitive information that could be recovered. An attacker can retrieve and use this data in specific circumstances, particularly with physical access to an unlocked device.
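The globally disabled ATS from the first list and the unencrypted endpoint requests above trace back to one configuration surface: the NSAppTransportSecurity dictionary in the app's Info.plist. As an added example, not part of the NowSecure report or the DeepSeek app, the Go program below walks a plist in XML form and lists the ATS flags that permit cleartext HTTP, the kind of check an organization can run over third-party app bundles during a mobile application review. The two embedded plists are constructed samples, and `api.example.com` is a placeholder domain.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"io"
	"strings"
)

// Finding is one ATS setting that permits cleartext HTTP.
type Finding struct {
	Path string // slash-separated key path inside the plist
}

// atsWeakeners are the Info.plist booleans that, when true, relax ATS.
var atsWeakeners = map[string]bool{
	"NSAllowsArbitraryLoads":             true, // turns ATS off for the whole app
	"NSAllowsArbitraryLoadsInWebContent": true,
	"NSAllowsArbitraryLoadsForMedia":     true,
	"NSExceptionAllowsInsecureHTTPLoads": true, // per-domain exception
}

// keyPath joins the enclosing dict keys and the current key, skipping the
// unnamed root dict.
func keyPath(path []string, key string) string {
	parts := make([]string, 0, len(path)+1)
	for _, p := range append(append([]string{}, path...), key) {
		if p != "" {
			parts = append(parts, p)
		}
	}
	return strings.Join(parts, "/")
}

// CheckATS walks an Info.plist in XML form and returns every ATS-weakening
// flag set to true under NSAppTransportSecurity. It tracks <dict> nesting by
// the <key> that introduced each dict, so per-domain exceptions are reported
// with their domain name.
func CheckATS(plist string) ([]Finding, error) {
	dec := xml.NewDecoder(strings.NewReader(plist))
	var (
		path     []string // keys of the enclosing dicts/arrays; root is ""
		pending  string   // most recently read <key>
		inKey    bool
		findings []Finding
	)
	for {
		tok, err := dec.Token()
		if err == io.EOF {
			break
		}
		if err != nil {
			return nil, err
		}
		switch t := tok.(type) {
		case xml.StartElement:
			switch t.Name.Local {
			case "key":
				inKey = true
			case "dict", "array":
				path = append(path, pending)
				pending = ""
			case "true":
				if atsWeakeners[pending] && len(path) > 1 && path[1] == "NSAppTransportSecurity" {
					findings = append(findings, Finding{Path: keyPath(path, pending)})
				}
			}
		case xml.CharData:
			if inKey {
				pending = string(t)
			}
		case xml.EndElement:
			switch t.Name.Local {
			case "key":
				inKey = false
			case "dict", "array":
				path = path[:len(path)-1]
			}
		}
	}
	return findings, nil
}

// WeakPlist is a constructed sample with ATS disabled globally and a
// cleartext exception for one domain.
const WeakPlist = `<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleName</key>
  <string>ExampleApp</string>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
    <key>NSExceptionDomains</key>
    <dict>
      <key>api.example.com</key>
      <dict>
        <key>NSExceptionAllowsInsecureHTTPLoads</key>
        <true/>
      </dict>
    </dict>
  </dict>
</dict>
</plist>`

// HardenedPlist is a constructed sample that keeps ATS enforced.
const HardenedPlist = `<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleName</key>
  <string>ExampleApp</string>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSAllowsArbitraryLoads</key>
    <false/>
  </dict>
</dict>
</plist>`

func main() {
	for name, p := range map[string]string{"weak": WeakPlist, "hardened": HardenedPlist} {
		findings, err := CheckATS(p)
		if err != nil {
			fmt.Println(name, "parse error:", err)
			continue
		}
		fmt.Printf("%s: %d ATS weakening(s)\n", name, len(findings))
		for _, f := range findings {
			fmt.Println("  ", f.Path)
		}
	}
}
```

ATS has been on by default since iOS 9, so a plist with no NSAppTransportSecurity dictionary at all is the secure baseline and yields no findings. In an unpacked .ipa the file sits under the app's `.app` directory and is usually stored in binary plist form; `plutil -convert xml1` on macOS turns it into the XML form this check reads.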
Implications for companies and governments
The vulnerabilities identified in the DeepSeek iOS application pose serious risks:
- Data exposure: Sensitive information such as intellectual property, strategic plans and confidential communications could be intercepted or compromised.
- Surveillance risks: Extensive fingerprinting capabilities increase the likelihood of surveillance through data aggregation.
- Regulatory non-compliance: Organizations operating under strict data protection laws face compliance challenges because the application stores data in China.
Several countries have already taken action against DeepSeek. South Korea, Australia, Taiwan and various US government agencies have banned its use on official devices.
The US military has also prohibited its installation to protect national security.
Recommended actions
NowSecure strongly advises organizations to take immediate action:
- Prohibit its use in managed and BYOD environments.
- Consider self-hosted or secured AI platforms, such as Microsoft-hosted versions of DeepSeek.
- Regularly assess third-party applications for emerging risks.
Organizations should conduct independent security assessments of all mobile applications deployed in their environment. The DeepSeek case underlines the importance of prioritizing cybersecurity in an increasingly interconnected digital landscape.