Security researchers have found that the website code of the Chinese artificial intelligence company DeepSeek may automatically send login information of some users to China Mobile. China Mobile is a state-owned telecommunications company in China that is banned from operating in the United States due to its close ties with the Chinese military.
The latest research reveals that the login interface of DeepSeek’s chatbot webpage contains a highly obfuscated computer script, which, when decrypted, shows connections to China Mobile’s computing infrastructure. This code appears to be a part of DeepSeek’s account creation and user login process.
Both DeepSeek and China Mobile did not respond to requests for comments from the Associated Press.
The discovery was first made by Canadian cybersecurity firm Feroot Security, who shared their findings with the Associated Press. Subsequently, a second group of computer experts independently verified that the DeepSeek chatbot webpage does indeed include code connected to China Mobile.
Stewart Baker, a lawyer and consultant in Washington, D.C., commented that DeepSeek brings about security concerns similar to those of the Chinese short video social media app TikTok. However, DeepSeek may involve more sensitive information, potentially posing a higher risk to national security and personal privacy than TikTok. Baker previously served as a senior official in the Department of Homeland Security and the National Security Agency.
Users may unknowingly input sensitive data into generative AI systems, including confidential business information and highly private personal information. Experts warn that when these AI platforms are owned by geopolitical adversaries, data security risks are further amplified, potentially turning into intelligence gold mines for adversaries.
Feroot specializes in identifying network threats. The company found that when logging into DeepSeek, a certain computer code is downloaded and triggered. This code may collect detailed information about the user’s login device, a process known as “fingerprinting.” This technology is commonly used by global tech companies for security authentication and targeted advertising.
Further analysis revealed that the code contains links to China Mobile’s identity verification and management system, suggesting it may be part of the login process for certain users on DeepSeek.
Ivan Tsarynny, CEO of Feroot, expressed shock, stating, “It’s shocking that we are allowing Beijing to monitor Americans without their knowledge, and we’re not doing anything about it.”
“It’s difficult to believe this is just a coincidence. There are too many unusual aspects. You know that saying ‘where there’s smoke, there’s fire’? In this case, there is a cloud of suspicion,” Tsarynny added.
The Associated Press also consulted two academic cybersecurity experts – Joel Reardon from the University of Calgary and Serge Egelman from the University of California, Berkeley – to independently analyze the code. They confirmed the connection between DeepSeek’s login system and China Mobile.
Reardon remarked, “It’s clear that China Mobile is somehow involved in the registration process of DeepSeek.” He did not observe data transmission during testing but suggested that data transfer might be activated for certain users or login methods.
Although Feroot and other researchers did not observe data being transmitted to China Mobile during DeepSeek login tests in North America, they cannot rule out the possibility of some user data being transmitted to the Chinese telecommunications company.
This analysis applies only to the web version of DeepSeek. Researchers did not analyze the mobile version.