Fake DeepSeek AI App Spreads Banking Trojan - 1

Image by Solen Feyissa, from Unsplash

Fake DeepSeek AI App Spreads Banking Trojan

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

A new Android banking trojan, OctoV2, is spreading under the guise of the popular AI chatbot DeepSeek, cybersecurity researchers at K7 warn .

In a Rush? Here are the Quick Facts!

  • The malware spreads via a phishing site mimicking DeepSeek’s official platform.
  • It installs two malicious apps, one acting as a parent and the other a child.
  • The malware uses Accessibility Service permissions to control infected devices.

The malware tricks users into installing a fake DeepSeek app, which then steals login credentials and other sensitive data.

The attack starts with a phishing website, which closely mimics DeepSeek’s official platform. When users click the link, a malicious APK file named DeepSeek.apk is downloaded to their device.

Once installed, the fake app displays an icon identical to the real DeepSeek app, making it difficult to detect. Upon launch, it prompts users to install an “update.” Clicking the update button enables the “Allow from this source” setting, allowing a second app to install itself.

This results in two instances of the malware being installed on the victim’s device—one acting as a parent app (com.hello.world) and the other as a child app (com.vgsupervision_kit29).

The child app then aggressively requests Accessibility Service permissions, continuously displaying the settings page until the user grants access. Once enabled, the malware gains extensive control over the device.

Security researchers at K7 Labs found that the malware uses advanced evasion techniques. Both the parent and child apps are password-protected, making it difficult to analyze them with traditional reverse engineering tools. The parent app extracts a hidden “.cat” file from its assets folder, renames it “Verify.apk,” and installs it as the child package.

Once active, the malware scans the victim’s device for installed applications and transmits the data to a Command and Control (C2) server. It uses a Domain Generation Algorithm (DGA) to communicate with its operators, allowing it to evade domain blacklisting.

Experts warn users to be cautious when downloading apps. “Always use trusted platforms like Google Play or the App Store,” advises K7 Labs. Keeping devices updated and using reputable mobile security software can help detect and block such threats.

Google Introduces Personalized Conversations in Gemini AI Chatbot - 2

Photo by Shutter Speed on Unsplash

Google Introduces Personalized Conversations in Gemini AI Chatbot

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager
  • Reader’s Comments 1

Google announced new features to make Gemini, the tech giant’s flagship AI model, a more personal AI assistant for users this Thursday. The company also introduced enhancements to the model’s Deep Research feature, updates to the 2.0 Flash Thinking Experimental model, and released its Gems feature to customize AI models to all users.

In a Rush? Here are the Quick Facts!

  • Google is making Gemini more personal by integrating user data from Google apps for tailored AI responses.
  • The new personalization feature in Gemini lets users get AI-powered recommendations based on their past searches.
  • Google expands its AI offerings, making its Gems customization feature free for all users.

According to Google’s announcement , a new feature called personalization will connect users’ Google apps and services, including Search history, allowing the AI chatbot to provide tailored responses.

“For example, you can ask Gemini for restaurant recommendations and it will reference your recent food-related searches, or ask for travel advice and Gemini will respond based on destinations you’ve previously searched,” explained Dave Citron, Senior Director of Product Management for the Gemini app at Google.

The feature is still in a beta version. Users interested in testing the new technology must select “ Personalization (experimental)” from the drop-down options in the model’s platform. It can also be disconnected anytime.

Through the Gemini 2.0 Flash Thinking Experimental program, the tech giant has enhanced its Deep Research feature to provide more detailed and higher-quality responses. The model also integrates with the Chinese model DeepSeek , allowing users to choose their preferred AI assistant for queries.