Summary: Recent incidents of LLMjacking have emerged, wherein cybercriminals illegally exploit stolen access to deep learning models like those from DeepSeek. This underhanded practice allows individuals to use expensive language models for various illicit purposes without incurring the costs. The rapid adoption of reverse proxy tools and growing communities around LLMjacking highlight that this trend is escalating rapidly, posing significant risks to victims and organizations alike.
Affected: DeepSeek and cloud service account holders
Keypoints :
- LLMjacking involves stealing access to cloud-based language models, allowing attackers to use them for free.
- Researchers observed a quick turnaround in attackers gaining access to new DeepSeek models shortly after their release.
- Victims may experience significant spikes in cloud service bills, with individuals reporting charges exceeding ,000 within hours of unauthorized usage.
Source: https://www.darkreading.com/application-security/llm-hijackers-deepseek-api-keys