• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Tuesday, July 7, 2026
  • Login
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home News

DeepSeek iOS App Poses Major Security Risk: Data Sent Unencrypted to ByteDance Servers

DeepSeek iOS app sends unencrypted data to ByteDance servers, bypassing Apple's security protocols. Learn why experts warn against using it.

by Nitika Tiwari
February 7, 2025
in News
Reading Time: 3 mins read
0
Deepseek AI
TwitterWhatsappLinkedin

DeepSeek iOS App Poses Severe Security and Privacy Risks

A recent investigation has uncovered alarming security flaws in the DeepSeek iOS app, an AI chatbot that has quickly gained popularity. Researchers at NowSecure found that the app transmits sensitive data over unencrypted channels, making it highly vulnerable to cyber threats. Even more concerning, this data is sent to servers controlled by ByteDance, the Chinese parent company of TikTok.

You might also like

Nirav Modi’s Seven-Year Legal Battle Ends as ECHR Dismisses Final Appeal

The Xbox Downsizing Shifting Strategy Spurs Massive Restructuring Wave

NPU vs GPU vs CPU Explained: Understanding the Brains Behind Modern Computers

How DeepSeek Bypasses Apple’s Security Protocols

Apple’s App Transport Security (ATS) is designed to ensure encrypted communication over iOS apps. However, DeepSeek has globally disabled ATS, exposing user data to potential interception. This means that any attacker monitoring network traffic could access user details, putting both individuals and organizations at risk.

What Data Is at Risk?

During the app’s initial registration process, the following unencrypted information is transmitted:

  • Organization ID
  • SDK version used to develop the app
  • User’s OS version
  • Language preference

Although some data is encrypted using Transport Layer Security (TLS), security experts warn that once decrypted on ByteDance-controlled servers, it could be cross-referenced with other user data to track individuals and their queries.

Use of Deprecated Encryption Methods

In addition to disabling ATS, the DeepSeek app employs an outdated encryption scheme known as 3DES (Triple Data Encryption Standard). The National Institute of Standards and Technology (NIST) deprecated 3DES in 2016 due to vulnerabilities that allow hackers to break encryption and decrypt data.

Even more troubling is that DeepSeek has hardcoded symmetric encryption keys into the app itself, meaning every iOS user shares the same keys. This practice is a major security failure and leaves users exposed to potential cyberattacks.

DeepSeek’s Data Storage in China Raises Red Flags

DeepSeek’s privacy policy explicitly states that all collected data is stored on servers in China. Furthermore, the policy notes that DeepSeek may share user data with:

  • Law enforcement agencies
  • Public authorities
  • Copyright holders
  • Other third parties, as deemed necessary

This raises concerns that the Chinese government could access user data, which is particularly alarming for organizations handling sensitive or confidential information.

Experts Warn Against Using DeepSeek

Security researchers and cybersecurity firms have strongly advised against using the DeepSeek app due to its glaring vulnerabilities.

Andrew Hoog, co-founder of NowSecure, stated:

“There are fundamental security practices that are not being observed, either intentionally or unintentionally. In the end, it puts your and your company’s data and identity at risk.”

Similarly, Thomas Reed, an iOS security expert at Huntress, warned:

“There’s no good reason for disabling ATS in this day and age. Even if they secured communications, I wouldn’t trust any sensitive data going to a server that China’s government could access.”

U.S. Lawmakers Call for Immediate Ban

In response to the security concerns, U.S. lawmakers have proposed banning DeepSeek from all government devices, citing national security threats. If the proposed legislation passes, the app could be prohibited within 60 days.

What Should Users Do?

If you have installed the DeepSeek app on your device, cybersecurity experts recommend the following actions:

  • Uninstall the app immediately to prevent further data exposure.
  • Avoid using the Android version, as it is reportedly even less secure than the iOS version.
  • Use only reputable AI chatbots from companies that follow strict security protocols.
  • Monitor for security updates from Apple and cybersecurity researchers regarding DeepSeek and similar apps.

Final Thoughts

The DeepSeek iOS app has demonstrated a blatant disregard for user security by disabling Apple’s encryption safeguards, employing outdated encryption methods, and storing data on Chinese servers. Given the potential risks of data leaks and government surveillance, users and organizations should immediately remove the app and avoid using its services.

For continued updates on cybersecurity threats, stay informed and follow trusted sources in the security industry.

Tags: #AIRegulation #DeepSeek #DataPrivacy #CyberSecurity #ArtificialIntelligence #TechNews#deep_sea_explorationdeep seek
Tweet56SendShare16
Previous Post

iPhone SE 4 Set to Launch Soon: What to Expect

Next Post

Infosys Layoffs: 400 Trainees Terminated After Failing Tests, Sparks Controversy

Nitika Tiwari

Nitika is a budding writer and an English Honours student with a passion for storytelling and journalism. She has gained valuable experience through various internships and editorial roles, sharpening her skills in creating engaging and insightful content. With a keen eye for detail and a love for exploring diverse topics, Nitika aims to create compelling narratives that inform and inspire.

Recommended For You

Nirav Modi’s Seven-Year Legal Battle Ends as ECHR Dismisses Final Appeal

by Rounak Majumdar
July 6, 2026
0
Nirav Modi's Seven-Year Legal Battle Ends as ECHR Dismisses Final Appeal

Fugitive diamond merchant Nirav Modi is now on the verge of being extradited to India after reportedly losing his final legal challenge before the European Court of Human...

Read more

The Xbox Downsizing Shifting Strategy Spurs Massive Restructuring Wave

by Anochie Esther
July 6, 2026
0
Xbox studio system downsize

The business model behind high-budget interactive entertainment is hitting an extreme breaking point as massive corporate investments run into flat platform growth. For nearly a decade, the gaming...

Read more

NPU vs GPU vs CPU Explained: Understanding the Brains Behind Modern Computers

by Ishaan Negi
July 6, 2026
0
NPU vs GPU vs CPU Explained: Understanding the Brains Behind Modern Computers

For years, buying a laptop or desktop was simple. You checked the processor, looked at the amount of RAM, maybe considered storage, and made your decision. The CPU...

Read more
Next Post
Infosys Loses $1.5 Billion AI Contract Signed Just Months Ago

Infosys Layoffs: 400 Trainees Terminated After Failing Tests, Sparks Controversy

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at info@techstory.in

Advertise With Us

Reach out at - info@techstory.in

Aviator Game India 2026

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple Artificial Intelligence bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News OpenAI samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2025 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2025 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?