Threat actors are exploiting the popularity of DeepSeek to push two malicious packages on the Python Package Index (PyPI) that impersonate developer tools for the AI platform.
The packages were named "deepseeek" and "deepseekai" after the Chinese artificial intelligence company, creator of the R1 large language model that recently saw a rapid surge in popularity.
Notably, the packages were uploaded from an "aged" account created in June 2023 with no previous activity.
The packages posed as Python clients for DeepSeek AI but were actually infostealers, according to Positive Technologies researchers, who discovered them and reported them to PyPI.
When executed on a developer's system, the malicious payload stole user and system data as well as environment variables such as API keys, database credentials, and infrastructure access tokens.
The stolen information was then exfiltrated to a command and control (C2) server at eoyyiyqubj7mquj.m.pipedream[.]net, hosted on Pipedream, a legitimate automation platform.

Source: Positive Technologies
Threat actors could use this stolen information to access cloud services, databases, and other protected resources used by the developer.
The Positive Technologies report states that the functions used in these packages are intended to collect user and system data and steal environment variables.
"The payload is executed when the user runs the commands deepseeek or deepseekai (depending on the package) in the command-line interface."
"Environment variables often contain sensitive data required for applications to run, for example, API keys for the S3 storage service, database credentials, and privileges to access other infrastructure tools."
Multiple victims
The malicious packages, deepseeek 0.0.8 and deepseekai 0.0.8, were uploaded to PyPI on January 29, 2025, only twenty minutes apart.

Source: Positive Technologies
Positive Technologies quickly identified and reported them to PyPI, which quarantined the packages and restricted their downloads, followed by their complete removal from the platform.
Despite the quick detection and response, 222 developers downloaded the two packages, most from the United States (117), followed by China (36), Russia, Germany, Hong Kong, and Canada.
Developers who installed these packages should immediately rotate their API keys, authentication tokens, and passwords, as they may now be compromised.
Any cloud services whose credentials were exposed should also be reviewed to make sure they were not accessed by the attackers.
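A triage script for the two checks the report implies: whether either typosquatted package is present in a Python environment, and which environment variables an attacker who dumped os.environ would now hold and which therefore must be rotated first. This is an added example, not code from the article or from Positive Technologies. Only the package names and the 0.0.8 version come from the report; the regular expression for credential-looking variable names and the sample inventory and environment are constructed assumptions. Note that the report says the payload fires when the deepseeek or deepseekai command is run, so the script cannot tell whether the stealer actually executed; any hit should be treated as a compromise and the rotation done regardless.

```python
"""Triage helpers for the deepseeek / deepseekai PyPI incident (added example)."""
import os
import re
from importlib import metadata

# Package names and version taken from the Positive Technologies report.
KNOWN_BAD = {("deepseeek", "0.0.8"), ("deepseekai", "0.0.8")}

# Assumed, not from the report: env var names that usually carry credentials.
SECRET_NAME_RE = re.compile(
    r"KEY|SECRET|TOKEN|PASSWORD|PASSWD|CREDENTIAL|AWS_|DATABASE_URL|^DB_", re.I
)

# Constructed sample data so the script runs offline; not real victim data.
SAMPLE_INSTALLED = [
    ("requests", "2.31.0"),
    ("DeepSeekAI", "0.0.8"),   # same package, different casing
    ("deepseeek", "0.0.7"),    # typosquat name, version not in the report
]
SAMPLE_ENV = {
    "PATH": "/usr/bin",
    "HOME": "/home/dev",
    "AWS_SECRET_ACCESS_KEY": "<redacted>",
    "DATABASE_URL": "postgres://app:pw@db.internal/app",
    "OPENAI_API_KEY": "<redacted>",
    "DB_PASSWORD": "<redacted>",
}


def normalize(name: str) -> str:
    """PEP 503 name normalization: case-fold and collapse runs of -_. to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def find_bad_packages(installed):
    """Match (name, version) pairs against KNOWN_BAD by normalized name.

    A name match with a different version is still reported, with
    exact_version=False, since the typosquat name alone is suspicious.
    """
    bad_versions = {normalize(n): v for n, v in KNOWN_BAD}
    hits = []
    for name, version in installed:
        key = normalize(name)
        if key in bad_versions:
            hits.append({
                "name": name,
                "version": version,
                "exact_version": version == bad_versions[key],
            })
    return hits


def installed_distributions():
    """Enumerate the running interpreter's (name, version) pairs."""
    return [
        (dist.metadata["Name"], dist.version)
        for dist in metadata.distributions()
        if dist.metadata["Name"]
    ]


def exposed_variables(env):
    """Names of env vars that look like credentials, sorted for stable output.

    These are the values an os.environ dump would have sent to the C2 and
    therefore the ones to rotate first.
    """
    return sorted(k for k in env if SECRET_NAME_RE.search(k))


def triage(installed, env):
    """Combine both checks; the rotation list is only filled when a hit exists."""
    hits = find_bad_packages(installed)
    return {
        "malicious_packages": hits,
        "rotate": exposed_variables(env) if hits else [],
    }


if __name__ == "__main__":
    print("sample:", triage(SAMPLE_INSTALLED, SAMPLE_ENV))
    live = triage(installed_distributions(), os.environ)
    if live["malicious_packages"]:
        print("MALICIOUS PACKAGES FOUND:", live["malicious_packages"])
        print("rotate first:", live["rotate"])
    else:
        print("no deepseeek/deepseekai distribution installed in this interpreter")
```

Run it once per virtual environment and per CI runner image, since each interpreter has its own site-packages; a hit in a build image means the CI secrets injected into that job's environment are in scope for rotation as well.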