As mobile devices increasingly become integral to business operations, the emergence of threats like DeepSeek poses significant risks. On 4 March 2025, Appdome announced the launch of new dynamic defence plugins designed to detect and mitigate DeepSeek attacks on both Android and iOS devices. This development aims to bolster mobile enterprise security by safeguarding applications and remote access from potential spyware threats.
DeepSeek, a popular AI-powered chatbot app, has garnered attention not only for its functionality but also for the security vulnerabilities it introduces. Reports have indicated that DeepSeek can operate as spyware, harvesting user data and potentially sending it to external servers without users’ consent. This creates substantial risks for organisations, particularly those using Bring Your Own Device (BYOD) policies, where employees might inadvertently expose sensitive information.
In response to these growing concerns, several enterprises have enacted bans on the use of DeepSeek in professional settings. Similarly, government bodies in countries such as the United States and South Korea have proposed legislation to restrict its use on government devices. However, these measures often lack enforcement mechanisms, as traditional security solutions struggle to detect DeepSeek on mobile devices.
Appdome’s new plugins utilise behavioural analytics to identify suspicious activities associated with DeepSeek, such as unusual file access, data extraction, and atypical network traffic directed towards external AI servers. By integrating these plugins, organisations can maintain visibility and control over their mobile applications, thereby reducing the risks associated with DeepSeek.
“The explosive popularity of DeepSeek AI creates a serious and immediate risk to the mobile enterprise,” noted Tom Tovar, co-creator and CEO of Appdome. He emphasised the need for organisations to adopt proactive measures to secure their mobile workforce and protect sensitive data.
The plugins are particularly effective in enterprise contexts, where they can detect active DeepSeek sessions on devices running enterprise applications. This capability allows businesses to enforce various mitigation strategies, ensuring that potential threats can be swiftly addressed. Furthermore, Appdome's detection can function independently or alongside other security measures for comprehensive protection.
The implications of DeepSeek extend beyond mere data collection. Security analyses have revealed that the app transmits user data without adequate encryption and employs outdated cryptographic methods, making it susceptible to exploitation. Attackers could use DeepSeek to perform dynamic code injections or exploit vulnerabilities in unprotected areas of applications, bypassing security controls and compromising sensitive interactions.
Appdome warned that even informed users could unknowingly download DeepSeek onto shared devices. “With Appdome DeepSeek detection, there’s no reason to be in the dark about the use or infiltration of DeepSeek in the enterprise,” stated Kai Kenan, VP of Cyber Research at Appdome.
As the landscape of mobile security continues to evolve, measures like Appdome's dynamic defence plugins represent critical advancements in safeguarding organisations against the multifaceted threats posed by applications like DeepSeek. The necessity for robust security frameworks is clearer than ever, especially as the use of mobile devices in sensitive operations becomes increasingly common.