Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
ClickLock macOS Stealer Kills Apps, Forces Password Entry
July 17, 2026
Top 10 Identity Threat Detection and Response (ITDR) Solutions for 2026
July 17, 2026
GPT-5.6 Codex Bug Deletes Files From Home Directories
July 17, 2026
Home/Threats/Fake DeepSeek TUI GitHub Repositories Deliver Malware
Threats

Fake DeepSeek TUI GitHub Repositories Deliver Malware

Key Takeaways Threat actors are distributing malware by impersonating popular AI tools, including DeepSeek TUI, on GitHub. Fake repositories mimic legitimate projects to trick developers and AI...

Jennifer sherman
Jennifer sherman
May 11, 2026 5 Min Read
49 0

Key Takeaways

  • Threat actors are distributing malware by impersonating popular AI tools, including DeepSeek TUI, on GitHub.
  • Fake repositories mimic legitimate projects to trick developers and AI enthusiasts into downloading malicious 7z archives.
  • The malware, identified as a Rust-written variant of the OpenClaw family, disables Windows Defender, establishes multi-stage persistence, and evades sandbox detection.
  • Numerous other AI-themed installers, such as those for Claude, Grok, and WormGPT, are linked to the same attack infrastructure, indicating a broad campaign.
  • Users are advised to rigorously verify GitHub repository authenticity and implement robust endpoint detection to mitigate risks.

Cybersecurity researchers have uncovered a new campaign where threat actors are exploiting the popularity of AI tools by creating counterfeit GitHub repositories to distribute malware. The latest target in this sophisticated scheme is DeepSeek TUI, a legitimate terminal-based intelligent agent designed for interacting with DeepSeek large language models.

Table Of Content

  • Key Takeaways
  • Fake DeepSeek TUI Repository Used as Malware Delivery Point
  • Multi-Stage Persistence and Anti-Sandbox Evasion
  • What You Should Do

The timing of this attack aligns with a surge in interest following the release of DeepSeek v4 and widespread discussions by developer Hunter Bown within Chinese tech communities. This heightened visibility made DeepSeek TUI an attractive target for cybercriminals seeking to capitalize on trending AI software.

This tactic mirrors a growing trend in the developer ecosystem where malicious actors construct highly convincing fake GitHub repositories. These fraudulent pages are meticulously designed to resemble authentic projects, deceiving unsuspecting users into downloading malicious software. In this particular instance, the malware was embedded within a 7z compressed archive, presented as a standard software release on the fake repository’s Releases page.

Researchers at the QiAnXin Threat Intelligence Center were instrumental in detailing this campaign. They observed that the malware’s functionalities closely resemble those of OpenClaw, a previously documented spoofing attack that QiAnXin exposed in March 2026. The reuse of command-and-control (C2) domain names from the earlier OpenClaw campaign strongly suggests that the same threat actor is behind these ongoing and evolving operations.

A particularly alarming aspect of this campaign is the extensive array of fake AI-themed installer names associated with the same attack infrastructure. Beyond DeepSeek TUI, investigators discovered fraudulent files masquerading as popular tools like Claude, Grok, WormGPT, KawaiiGPT, and FraudGPT, among others, all pointing to a unified threat landscape.

Fake DeepSeek TUI Repository Used as Malware Delivery Point

Analysis of the malicious samples revealed a shared PDB path, “ClawCode.pdb,” linking all identified executables to a common Rust-written malware family. This consistent signature indicates a coordinated threat actor who systematically rotates spoofing targets to maximize impact.

The primary malware file in question, DeepSeek-TUI_x64.exe, with an MD5 hash of b96c0d609c1b7e74f8cb1442bf0b5418 and a compilation timestamp of April 29, 2026, initiates its malicious activities with a thorough environment check. This initial phase is designed to detect virtual machines, known analysis tools, or other suspicious system characteristics indicative of a sandbox environment. If such conditions are met, the malware displays a deceptive message, “Sorry, your system does not meet the minimum requirements,” and terminates silently to avoid detection.

Upon confirming it is operating on a genuine user system, the malware proceeds to disable critical Windows Defender protections. This is achieved through an XOR-encrypted PowerShell script that adds six folder exclusions, deactivates cloud-based reporting, halts behavior monitoring, and opens three inbound firewall ports: 57001, 57002, and 56001. The string decryption key “xnasff3wcedj” is used in the sample, and the malware subsequently retrieves second-stage payloads hosted on Azure from Pastebin and snippet.host links.

The downloaded second-stage components each play a distinct role in maintaining the attacker’s foothold. OneSync.exe and WinHealhCare.exe are responsible for installation, setting up scheduled tasks, and reporting back to the attackers via Telegram. The onedrive_sync.exe component ensures persistence by modifying the Windows Run registry key. Meanwhile, svc_service.exe functions as the core resident component, utilizing NT syscalls for thread injection and loading .NET assemblies directly into memory to evade traditional detection mechanisms.

Multi-Stage Persistence and Anti-Sandbox Evasion

The campaign’s sophisticated use of multiple persistence mechanisms significantly complicates the removal of the malware once a system has been compromised. The malicious code is designed to survive system reboots and other disruptions by leveraging scheduled tasks, registry Run keys, Winlogon hooks, and startup shortcuts.

A second-stage loader, autodate.exe, further enhances stealth by posing as a service manager while covertly injecting payloads into memory. The command-and-control (C2) domains identified in this operation are mikolirentryifosttry.info and zkevopenanu.cfd.

What You Should Do

  • Verify Repository Authenticity: Always scrutinize GitHub repositories before downloading any files. Check the account age, commit history, and the number of genuine contributors. Look for official links from the project’s primary website.
  • Exercise Caution with New/Trending Tools: Be especially wary of newly released or trending AI tools, as these are frequently targeted by threat actors.
  • Implement Endpoint Detection and Response (EDR): Deploy EDR solutions capable of monitoring for memory injection techniques, unusual PowerShell activity, and unauthorized changes to security settings.
  • Maintain Strong Security Practices: Keep operating systems and security software updated. Use robust antivirus and antimalware solutions.
  • Educate Users: Inform developers and AI enthusiasts about the risks of downloading software from unverified sources and the importance of supply chain security.

Indicators of Compromise (IoCs):-

Type Indicator Description
MD5 b96c0d609c1b7e74f8cb1442bf0b5418 DeepSeek-TUI_x64.exe (first-stage dropper)
MD5 7de2896e373342e0f3b765c855bf7396 bbg_free_x64.exe
MD5 78c11c45c00a9c22f537c59a472beca1 CatGatekeeper_x64.exe
MD5 df36a31148d2c6414bdafeab771ea728 CatGatekeeper_x64.exe
MD5 14920c9751d20452a1006d20b8e73234 CatGatekeeper_x64.exe
MD5 f6d328422e7ca22e70a6aa71315450f3 CatGatekeeper_x64.exe
MD5 86c7f2a3c307928daaca7c1df3ea5d72 CatGatekeeper_x64.exe
MD5 dbaa133fd3d1a834460206d83b480f80 ClaudeDesign-Optimized_x64.exe
MD5 22c0c7d441fd22432cfe7854b59ba82b ClaudeDesign-Optimized_x64.exe
MD5 a224f44bdac16250d8093df68e05b512 DeepSeek-TUI_x64.exe
MD5 6861fa47889e0340ab7efaab448c56b6 DeepSeek-TUI_x64.exe
MD5 437e4bdb12d7fa8d1c9a9e9db84b8726 DeepSeek-TUI_x64.exe
MD5 fbfe7513685913e6f878647eec429d45 deepseek-v4-pro_x64.exe
MD5 562d48524313d414b5a419fed6ca10aa DV4-MCP-Setup.exe
MD5 df8a2e7aa46af996bdf67d79601671c3 fraudGPT_x64.exe
MD5 f101a346502a324320f952d39e217064 fraudGPT_x64.exe
MD5 5d14461718b74b86fdd68c6aee801dc4 GLM5-Local_x64.exe
MD5 556b35236eeb111b0606d88a7aa3fd87 gpt-image-2-desktop.exe
MD5 ff371b43786cbb87dab325ce17cf8b7c gpt-image-2-desktop.exe
MD5 1bd1df4f228ecd29a9b6fab48beaa366 GrokCLI_x64.exe
MD5 975bd8eb56716adbcadb5216592a17c7 Hermes-Agent_x64.exe
MD5 347980085c8926d5a1ff8e15a31fd812 Hermes-Agent_x64.exe
MD5 46917d8326d77e4e3c39cb843dbfc675 KawaiiGPT_x64.cpl.exe
MD5 b6f77b48223f57c67f00ccd8ab3d047e KawaiiGPT_x64.exe
MD5 8dde7a417130ae78a3f2aeed1f5b8f58 Kimi-K2.6_x64.exe
MD5 4c7abc81b308fc874ec0de4f026db260 Kimi-K2.6_x64.exe
MD5 48dd212fae0086822d4ae7696cc61693 LTX-2.3_x64.exe
MD5 faa5f780fb0e0786dd1a2bd19af290ca opus-4-7_x64.exe
MD5 6721f30d84f58532d877f2b31bfc9162 opus-4-7_x64.exe
MD5 a9d492ab22400257f756f0308e06f04c worldmonitor_x64.exe
MD5 d0a92b090279894f4628bc3d627fbde0 WormGPT_x64.exe
MD5 397405106d895815a9bef8d84445af5a OneSync.exe (two-stage component)
MD5 b7a76b82c2a5e16a3c346cc6aa145556 WinHealhCare.exe (two-stage component)
MD5 f01e96a80f92c414dd824aef5a1ac1e7 onedrive_sync.exe (two-stage component)
MD5 ecb3e753b60cc0f3d7de50fe7f133e49 svc_service.exe (two-stage component)
MD5 68ba5a1bafae7db35e2eee7ea3f11882 autodate.exe (two-stage component)
MD5 e102797eb4225a93eaeeaa6b9979716a vicloud.exe (two-stage component)
Domain mikolirentryifosttry.info C2 command and control server
Domain zkevopenanu.cfd C2 command and control server
URL hxxps://pastebin.com/raw/w6BVFFWQ Primary payload staging link
URL hxxps://pastebin.com/raw/5tmHDYrf Secondary payload staging link
URL hxxps://pastebin.com/raw/M6KthA5Z Payload decompression password storage
URL hxxps://snippet.host/beuskq/raw Backup payload staging link
URL hxxps://snippet.host/uikosx/raw Backup payload password storage
URL hxxps://hkdk.events/djbk1i9hp0sqoh Telegram relay endpoint

Note: IP addresses and domains are intentionally defanged (e.g., [.]) to prevent accidental resolution or hyperlinking. Re-fang only within controlled threat intelligence platforms such as MISP, VirusTotal, or your SIEM.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackHackerMalwareSecurityThreat

Share Article

Jennifer sherman

Jennifer sherman

Jennifer is a cybersecurity news reporter covering data breaches, ransomware campaigns, and dark web markets. With a background in incident response, Jennifer provides unique insights into how organizations respond to cyber attacks and the evolving tactics of threat actors. Her reporting has covered major breaches affecting millions of users and has helped organizations understand emerging threats. Jennifer combines technical knowledge with investigative journalism to deliver in-depth coverage of cybersecurity incidents.

Previous Post

Law Enforcement Takedown Exposes 22,000 Cybercrime Forum Users

Next Post

Hackers Use DLL Sideloading in Fake Claude AI Malware Campaign

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Linus Torvalds Clarifies Linux Kernel’s Stance on AI Development
July 17, 2026
7-Zip Critical Vulnerability Exposes Millions to Remote Code Execution
July 17, 2026
Two Hackers Jailed for Hacking 148 TfL Systems, Forcing 27,000 Staff Password Resets
July 17, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Emy Elsamnoudy
Emy Elsamnoudy
Jennifer sherman
Jennifer sherman
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us