{"id":34232,"date":"2025-03-20T08:00:50","date_gmt":"2025-03-20T07:00:50","guid":{"rendered":"https:\/\/cybershield-consulting.com\/?p=34232"},"modified":"2025-03-20T08:17:33","modified_gmt":"2025-03-20T07:17:33","slug":"pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten","status":"publish","type":"post","link":"https:\/\/cybershield-consulting.com\/en\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/","title":{"rendered":"Fake DeepSeek AI Packages Stealing Credentials - A Case of AI as a Convenient Ally for Hackers"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><div class=\"vc_row wpb_row vc_row-fluid headhero vc_custom_1741938645543 wpex-vc-full-width-row wpex-relative wpex-vc_row-has-fill wpex-vc-reset-negative-margin\" style=\"min-height:40vh;background-position:50% 50%!important;background-size:cover!important;\"><div class=\"wpb_column vc_column_container vc_col-sm-12\"><div class=\"vc_column-inner\"><div class=\"wpb_wrapper\"><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:50px;\"><\/div><\/div><\/div><\/div><\/div><div class=\"vc_row wpb_row vc_row-fluid wpex-relative\"><div class=\"wpb_column vc_column_container vc_col-sm-12\"><div class=\"vc_column-inner\"><div class=\"wpb_wrapper\"><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:50px;\"><\/div><style>.vcex-heading.vcex_69fc43db9c9e1{animation-duration:2s;}<\/style><h1 class=\"vcex-heading vcex-heading-plain vcex-module wpex-heading wpex-text-2xl wpex-text-center  wpb_animate_when_almost_visible wpb_fadeInUp fadeInUp vcex_69fc43db9c9e1\"><span class=\"vcex-heading-inner wpex-inline-block\">Fake DeepSeek AI Packages Stealing Credentials - A Case of AI as a Convenient Ally for Hackers<\/span><\/h1><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:50px;\"><\/div><div class=\"vc_separator wpb_content_element vc_separator_align_center vc_sep_width_20 vc_sep_border_width_4 vc_sep_pos_align_center vc_separator_no_text vc_sep_color_grey vc_custom_1737987342561 wpb_content_element  vc_custom_1737987342561 wpb_content_element wpb_animate_when_almost_visible wpb_fadeIn fadeIn wpb_animate_when_almost_visible wpb_fadeIn fadeIn\" ><span class=\"vc_sep_holder vc_sep_holder_l\"><span class=\"vc_sep_line\"><\/span><\/span><span class=\"vc_sep_holder vc_sep_holder_r\"><span class=\"vc_sep_line\"><\/span><\/span>\n<\/div><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div>\n\t<div class=\"wpb_text_column wpb_content_element\" >\n\t\t<div class=\"wpb_wrapper\">\n\t\t\t<p data-start=\"83\" data-end=\"357\" class=\"translation-block\">AI is at the center of today\u2019s technology conversation - and attackers are taking full advantage. In late January 2025, two malicious Python packages, \u201cdeepseeek\u201d and \u201cdeepseekai,\u201d appeared on the Python Package Index (PyPI). They claimed to provide developer tools for DeepSeek, the Chinese AI startup behind the popular R1 large-language model. Instead, the packages executed infostealer scripts, quietly siphoning off sensitive data from unsuspecting users.<\/p>\n\n\t\t<\/div>\n\t<\/div>\n<div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div><div class=\"vc_separator wpb_content_element vc_separator_align_center vc_sep_width_70 vc_sep_border_width_3 vc_sep_pos_align_center vc_separator_no_text vc_sep_color_grey wpb_content_element  wpb_content_element\" ><span class=\"vc_sep_holder vc_sep_holder_l\"><span class=\"vc_sep_line\"><\/span><\/span><span class=\"vc_sep_holder vc_sep_holder_r\"><span class=\"vc_sep_line\"><\/span><\/span>\n<\/div><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div>\n\t<div class=\"wpb_text_column wpb_content_element\" >\n\t\t<div class=\"wpb_wrapper\">\n\t\t\t<h2><b><span data-contrast=\"auto\">Behind the Scenes<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">The malicious packages were uploaded by a user named \u201cbvk,\u201d an account created in June 2023 with zero prior activity. Once installed, the packages ran commands named after themselves (deepseeek or deepseekai) to harvest environment variables - keys to practically every service a developer might use. This includes AWS S3 credentials, database connections, and tokens granting access to critical infrastructure.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The stolen data was then exfiltrated to a command-and-control server hosted on Pipedream, a legitimate automation service. Interestingly, researchers at Positive Technologies Expert Security Center (PT ESC) noticed telltale signs in the comment section that an AI assistant was used to help generate and document the infostealer script. Even hackers, it seems, find AI a convenient ally.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n\n\t\t<\/div>\n\t<\/div>\n<div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div><div class=\"vc_separator wpb_content_element vc_separator_align_center vc_sep_width_30 vc_sep_border_width_3 vc_sep_pos_align_center vc_separator_no_text vc_sep_color_grey wpb_content_element  wpb_content_element\" ><span class=\"vc_sep_holder vc_sep_holder_l\"><span class=\"vc_sep_line\"><\/span><\/span><span class=\"vc_sep_holder vc_sep_holder_r\"><span class=\"vc_sep_line\"><\/span><\/span>\n<\/div><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div>\n\t<div class=\"wpb_text_column wpb_content_element\" >\n\t\t<div class=\"wpb_wrapper\">\n\t\t\t<h2><b><span data-contrast=\"auto\">Swift Discovery and Removal<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Positive Technologies promptly reported the packages to PyPI, prompting immediate quarantine. The packages were then fully removed from the platform, but not before 222 developers had installed them. According to PT ESC\u2019s breakdown, most downloads occurred in the United States, followed by China, Russia, Germany, Hong Kong, and Canada. Different download methods ranged from web browser retrieval to pip install commands.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">While 222 downloads might seem modest, consider that environment variables often hold the important information of any software project. A single stolen token could open the door to broader network access or even the entire CI\/CD pipeline.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n\n\t\t<\/div>\n\t<\/div>\n<div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div><div class=\"vc_separator wpb_content_element vc_separator_align_center vc_sep_width_30 vc_sep_border_width_3 vc_sep_pos_align_center vc_separator_no_text vc_sep_color_grey wpb_content_element  wpb_content_element\" ><span class=\"vc_sep_holder vc_sep_holder_l\"><span class=\"vc_sep_line\"><\/span><\/span><span class=\"vc_sep_holder vc_sep_holder_r\"><span class=\"vc_sep_line\"><\/span><\/span>\n<\/div><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div>\n\t<div class=\"wpb_text_column wpb_content_element\" >\n\t\t<div class=\"wpb_wrapper\">\n\t\t\t<h2><b><span data-contrast=\"auto\">Key Lessons<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/h2>\n<ol>\n<li data-leveltext=\"%1.\" data-font=\"Arial,Times New Roman\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:&#091;65533,0&#093;,&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\" class=\"translation-block\"><strong>Validate New Packages: <\/strong>Malicious uploads often appear under suspiciously aged or low-activity accounts. Before installing a newly published library, check the author\u2019s reputation, read the project details, and see if there\u2019s an established community or reviews.<\/li>\n<li data-leveltext=\"%1.\" data-font=\"Arial,Times New Roman\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:&#091;65533,0&#093;,&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\" class=\"translation-block\"><strong>Secure Your Environment Variables: <\/strong>If you unknowingly installed these packages - or suspect any compromise - rotate your API keys, database passwords, and authentication tokens immediately. Keep an eye on logs for unusual activity, such as unauthorized logins or unexpected data transfers.<\/li>\n<li data-leveltext=\"%1.\" data-font=\"Arial,Times New Roman\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:&#091;65533,0&#093;,&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\" class=\"translation-block\"><strong>Monitor Supply Chain Risks:<\/strong> PyPI is widely trusted as a default repository for Python projects, but it isn\u2019t immune to abuse. This event highlights the importance of supply chain security: always use automated scanning tools where possible, and stay informed about newly discovered malware campaigns.<\/li>\n<li data-leveltext=\"%1.\" data-font=\"Arial,Times New Roman\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:&#091;65533,0&#093;,&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\" class=\"translation-block\"><strong>Watch Out for AI \u201cBuzz\u201d: <\/strong>Attackers know developers are hungry for AI integrations, so they will exploit that excitement. Whether a package claims to harness powerful AI models or is simply a utility library, be sure to confirm its authenticity.<\/li>\n<\/ol>\n\n\t\t<\/div>\n\t<\/div>\n<div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div><div class=\"vc_separator wpb_content_element vc_separator_align_center vc_sep_width_30 vc_sep_border_width_3 vc_sep_pos_align_center vc_separator_no_text vc_sep_color_grey wpb_content_element  wpb_content_element\" ><span class=\"vc_sep_holder vc_sep_holder_l\"><span class=\"vc_sep_line\"><\/span><\/span><span class=\"vc_sep_holder vc_sep_holder_r\"><span class=\"vc_sep_line\"><\/span><\/span>\n<\/div><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div>\n\t<div class=\"wpb_text_column wpb_content_element\" >\n\t\t<div class=\"wpb_wrapper\">\n\t\t\t<h2><b><span data-contrast=\"auto\">Conclusion<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">The DeepSeek impersonation attack shows how quickly threat actors can seize on hot trends - AI in this case - to target developers. Thanks to rapid detection from PT ESC, the malicious packages were pulled offline within hours, limiting the fallout. However, this serves as a powerful reminder that we all share responsibility for our digital supply chain.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">As AI continues to reshape the tech landscape, we need to be just as innovative in guarding our projects. Verify dependencies, rotate credentials regularly, and maintain a healthy dose of skepticism when installing packages that promise the next best AI integration. A few extra precautionary steps can save you - and your infrastructure - from major security headaches down the road.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:true,&quot;134233118&quot;:true,&quot;201341983&quot;:0,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n\n\t\t<\/div>\n\t<\/div>\n<div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:100px;\"><\/div><\/div><\/div><\/div><\/div><div class=\"vc_row wpb_row vc_row-fluid wpex-relative\"><div class=\"wpb_column vc_column_container vc_col-sm-12\"><div class=\"vc_column-inner\"><div class=\"wpb_wrapper\"><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:50px;\"><\/div><\/div><\/div><\/div><\/div><div class=\"vc_row wpb_row vc_row-fluid wpex-relative\"><div class=\"wpb_column vc_column_container vc_col-sm-12\"><div class=\"vc_column-inner\"><div class=\"wpb_wrapper\"><style>.vcex-image.vcex_69fc43db9dfc5{animation-duration:2s;}.vcex-image.vcex_69fc43db9dfc5 .vcex-image-inner{max-width:20%;}.vcex-image.vcex_69fc43db9dfc5 .vcex-image-img{height:20%;}<\/style><figure class=\"vcex-image vcex-module wpex-text-center  wpb_animate_when_almost_visible wpb_fadeInUp fadeInUp vcex_69fc43db9dfc5\"><div class=\"vcex-image-inner wpex-relative wpex-inline-block\"><img width=\"2475\" height=\"596\" src=\"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite.png\" class=\"vcex-image-img wpex-align-middle wpex-object-cover\" alt=\"\" loading=\"lazy\" decoding=\"async\" srcset=\"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite.png 2475w, https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite-300x72.png 300w, https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite-1024x247.png 1024w, https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite-768x185.png 768w, https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite-1536x370.png 1536w, https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite-2048x493.png 2048w, https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite-18x4.png 18w\" sizes=\"auto, (max-width: 2475px) 100vw, 2475px\" \/><\/div><\/figure><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:50px;\"><\/div><\/div><\/div><\/div><\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"PyPI-MALWARE-WARNUNG: Gef\u00e4lschte DeepSeek-AI-Pakete stehlen Anmeldedaten KI ist zum zentralen Thema in der aktuellen Technologiediskussion geworden\u00a0 -\u00a0 und Angreifer nutzen das schamlos aus. Ende Januar 2025 tauchten zwei b\u00f6sartige Python-Pakete namens \u201edeepseeek\u201c und \u201edeepseekai\u201c im Python Package Index (PyPI) auf. Sie behaupteten, Entwicklerwerkzeuge f\u00fcr DeepSeek bereitzustellen\u00a0 -\u00a0 das chinesische KI-Startup hinter dem beliebten R1 Large-Language-Modell. Stattdessen&hellip;","protected":false},"author":13,"featured_media":34236,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[27],"tags":[],"class_list":["post-34232","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","entry","has-media"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>PyPI-MALWARE-WARNUNG: Gef\u00e4lschte DeepSeek-AI-Pakete stehlen Anmeldedaten - OT \u2013 CyberSecurity<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cybershield-consulting.com\/en\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PyPI-MALWARE-WARNUNG: Gef\u00e4lschte DeepSeek-AI-Pakete stehlen Anmeldedaten - OT \u2013 CyberSecurity\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cybershield-consulting.com\/en\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/\" \/>\n<meta property=\"og:site_name\" content=\"OT \u2013 CyberSecurity\" \/>\n<meta property=\"article:published_time\" content=\"2025-03-20T07:00:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-20T07:17:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2025\/03\/Untitled-design.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"adm_vu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"adm_vu\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/\"},\"author\":{\"name\":\"adm_vu\",\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/#\\\/schema\\\/person\\\/2de521955fb1f9933411a03d3bf57737\"},\"headline\":\"PyPI-MALWARE-WARNUNG: Gef\u00e4lschte DeepSeek-AI-Pakete stehlen Anmeldedaten\",\"datePublished\":\"2025-03-20T07:00:50+00:00\",\"dateModified\":\"2025-03-20T07:17:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/\"},\"wordCount\":859,\"publisher\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cybershield-consulting.com\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/Untitled-design.png\",\"articleSection\":[\"Blog\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/\",\"url\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/\",\"name\":\"PyPI-MALWARE-WARNUNG: Gef\u00e4lschte DeepSeek-AI-Pakete stehlen Anmeldedaten - OT \u2013 CyberSecurity\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cybershield-consulting.com\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/Untitled-design.png\",\"datePublished\":\"2025-03-20T07:00:50+00:00\",\"dateModified\":\"2025-03-20T07:17:33+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/#primaryimage\",\"url\":\"https:\\\/\\\/cybershield-consulting.com\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/Untitled-design.png\",\"contentUrl\":\"https:\\\/\\\/cybershield-consulting.com\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/Untitled-design.png\",\"width\":1280,\"height\":720},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/cybershield-consulting.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PyPI-MALWARE-WARNUNG: Gef\u00e4lschte DeepSeek-AI-Pakete stehlen Anmeldedaten\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/#website\",\"url\":\"https:\\\/\\\/cybershield-consulting.com\\\/\",\"name\":\"CyberShield - OT - CyberSecurity\",\"description\":\"Secure every Moment\",\"publisher\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/cybershield-consulting.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/#organization\",\"name\":\"CyberShield\",\"url\":\"https:\\\/\\\/cybershield-consulting.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/cybershield-consulting.com\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/logo_coloredwhite_300width.png\",\"contentUrl\":\"https:\\\/\\\/cybershield-consulting.com\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/logo_coloredwhite_300width.png\",\"width\":300,\"height\":72,\"caption\":\"CyberShield\"},\"image\":{\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/linkedin.com\\\/company\\\/cybershield-gmbh\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cybershield-consulting.com\\\/#\\\/schema\\\/person\\\/2de521955fb1f9933411a03d3bf57737\",\"name\":\"adm_vu\",\"url\":\"https:\\\/\\\/cybershield-consulting.com\\\/en\\\/author\\\/adm_vu\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Fake DeepSeek AI Packages Stealing Credentials - A Case of AI as a Convenient Ally for Hackers","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cybershield-consulting.com\/en\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/","og_locale":"en_GB","og_type":"article","og_title":"PyPI-MALWARE-WARNUNG: Gef\u00e4lschte DeepSeek-AI-Pakete stehlen Anmeldedaten - OT \u2013 CyberSecurity","og_url":"https:\/\/cybershield-consulting.com\/en\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/","og_site_name":"OT \u2013 CyberSecurity","article_published_time":"2025-03-20T07:00:50+00:00","article_modified_time":"2025-03-20T07:17:33+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2025\/03\/Untitled-design.png","type":"image\/png"}],"author":"adm_vu","twitter_card":"summary_large_image","twitter_misc":{"Written by":"adm_vu","Estimated reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/#article","isPartOf":{"@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/"},"author":{"name":"adm_vu","@id":"https:\/\/cybershield-consulting.com\/#\/schema\/person\/2de521955fb1f9933411a03d3bf57737"},"headline":"PyPI-MALWARE-WARNUNG: Gef\u00e4lschte DeepSeek-AI-Pakete stehlen Anmeldedaten","datePublished":"2025-03-20T07:00:50+00:00","dateModified":"2025-03-20T07:17:33+00:00","mainEntityOfPage":{"@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/"},"wordCount":859,"publisher":{"@id":"https:\/\/cybershield-consulting.com\/#organization"},"image":{"@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/#primaryimage"},"thumbnailUrl":"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2025\/03\/Untitled-design.png","articleSection":["Blog"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/","url":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/","name":"Fake DeepSeek AI Packages Stealing Credentials - A Case of AI as a Convenient Ally for Hackers","isPartOf":{"@id":"https:\/\/cybershield-consulting.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/#primaryimage"},"image":{"@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/#primaryimage"},"thumbnailUrl":"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2025\/03\/Untitled-design.png","datePublished":"2025-03-20T07:00:50+00:00","dateModified":"2025-03-20T07:17:33+00:00","breadcrumb":{"@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/#primaryimage","url":"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2025\/03\/Untitled-design.png","contentUrl":"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2025\/03\/Untitled-design.png","width":1280,"height":720},{"@type":"BreadcrumbList","@id":"https:\/\/cybershield-consulting.com\/pypi-malware-warnung-gefaelschte-deepseek-ai-pakete-stehlen-anmeldedaten\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/cybershield-consulting.com\/"},{"@type":"ListItem","position":2,"name":"PyPI-MALWARE-WARNUNG: Gef\u00e4lschte DeepSeek-AI-Pakete stehlen Anmeldedaten"}]},{"@type":"WebSite","@id":"https:\/\/cybershield-consulting.com\/#website","url":"https:\/\/cybershield-consulting.com\/","name":"CyberShield - OT - CyberSecurity","description":"Secure every Moment","publisher":{"@id":"https:\/\/cybershield-consulting.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cybershield-consulting.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/cybershield-consulting.com\/#organization","name":"CyberShield","url":"https:\/\/cybershield-consulting.com\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/cybershield-consulting.com\/#\/schema\/logo\/image\/","url":"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite_300width.png","contentUrl":"https:\/\/cybershield-consulting.com\/wp-content\/uploads\/2024\/11\/logo_coloredwhite_300width.png","width":300,"height":72,"caption":"CyberShield"},"image":{"@id":"https:\/\/cybershield-consulting.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/linkedin.com\/company\/cybershield-gmbh\/"]},{"@type":"Person","@id":"https:\/\/cybershield-consulting.com\/#\/schema\/person\/2de521955fb1f9933411a03d3bf57737","name":"adm_vu","url":"https:\/\/cybershield-consulting.com\/en\/author\/adm_vu\/"}]}},"_links":{"self":[{"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/posts\/34232","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/comments?post=34232"}],"version-history":[{"count":6,"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/posts\/34232\/revisions"}],"predecessor-version":[{"id":34267,"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/posts\/34232\/revisions\/34267"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/media\/34236"}],"wp:attachment":[{"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/media?parent=34232"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/categories?post=34232"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybershield-consulting.com\/en\/wp-json\/wp\/v2\/tags?post=34232"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}