Appdome, a leading mobile business protection platform, has introduced new dynamic defense plugins to detect and defend against DeepSeek AI attacks on Android and iOS devices. These plugins use behavioral analytics to detect unusual file access, data extraction, user monitoring, and network traffic to external AI servers. The new dynamic defense plugins are available by choice on the Appdome platform without integrating code, performing manual coding, implementing SDKs, or deploying servers. DeepSeek, a free chatbot mobile app, has become a significant threat to enterprises and governments, as it can be used as spyware to harvest and send user data to China.

Recognizing the severity of the threat posed by DeepSeek, some enterprises have banned using DeepSeek for work purposes. Likewise, several government agencies, including in the United States and South Korea have introduced legislation to ban the use of DeepSeek on mobile devices used for government purposes. However, these bans are without teeth because – without Appdome – there is no way to detect DeepSeek on a mobile device, particularly a BYOD mobile device in an enterprise setting. And there’s no way to detect if DeepSeek is being used as spyware or if users share sensitive data via DeepSeek. 

“The explosive popularity of DeepSeek AI creates a serious and immediate risk to the mobile enterprise,” said Tom Tovar, co-creator and CEO of Appdome. “If you’re one of the many who believe DeepSeek poses a risk to your mobile workforce or consumers, now you have a way to detect and prevent Deepseek from infiltrating your mobile apps or exposing your data.”

Appdome’s new Detect DeepSeek Attack plugins are particularly powerful in enterprise use cases such as mobile apps for work, enterprise apps, and Bring Your Own Device (BYOD) mobile strategies. When deployed in an enterprise app, the defense will detect an active DeepSeek session on the device and offer enterprises and B2B mobile app makers multiple enforcement options to mitigate the DeepSeek risk. Appdome’s new DeepSeek detection can be deployed stand-alone or in combination with other defenses to detect DeepSeek being used as spyware and when employees post content to DeepSeek.  

“As organizations race to embrace AI throughout the workforce and DeepSeek grows in popularity, enterprises need an early warning system to detect when specific AI tools are in use,” said Chris Roeckl, Chief Product Officer at Appdome. “Today that threat comes from DeepSeek and tomorrow it could be another AI tool. No matter what, cyber organizations and IT need to be able to enforce policies regarding AI use responsibly.”

In published cases, DeepSeek exposed users to unauthorized data collection, weak encryption practices, and potential surveillance by state-linked entities. Security analyses reveal that DeepSeek transmits user data without proper encryption, employs outdated cryptographic algorithms, and lacks robust anti-tampering protections, making it vulnerable to reverse engineering. Beyond these published risks, attackers can expedite the runtime analysis of potential victim apps by feeding DeepSeek with memory dumps, encrypted files, and server responses directly on the device. This could also enable runtime memory extraction, allowing attackers to scan active memory for cryptographic keys, authentication tokens, and decrypted session data, compromising financial transactions and authentication flows.

Additionally, DeepSeek may facilitate dynamic code injection by identifying unprotected vectors, enabling attackers to bypass security controls like root detection and anti-debugging, manipulate app behavior, and intercept sensitive interactions without persistent malware. The creators of DeepSeek have set guardrails designed to prevent using the AI model for malicious purposes, however, during the analysis of this model multiple “jailbreaks” were found that allow circumventing security restrictions.

“If you use mobile in the workforce, then you need to safeguard your organization against DeepSeek,” said Kai Kenan, VP of Cyber Research at Appdome. “Users, even informed users, can download DeepSeek AI onto BYOD or shared devices used in highly sensitive operations. With Appdome DeepSeek detection, there’s no reason to be in the dark about the use or infiltration of DeepSeek in the enterprise.”

Learn more about Appdome AI-Native defense for DeepSeek AI threats.