Security at DeepSeek?

On January 29, 2025, Wiz Research identified a significant security vulnerability within DeepSeek, a Chinese AI startup renowned for its advanced AI models. During a routine security assessment, Wiz Research discovered that DeepSeek had a publicly accessible ClickHouse database that lacked any form of authentication, making it vulnerable to unauthorized access.

Discovery Process

The investigation began with a comprehensive scan of DeepSeek’s publicly available domains. Through both passive and active reconnaissance techniques, approximately 30 internet-facing subdomains were identified. While most of these subdomains appeared benign, hosting elements like chatbot interfaces, status pages, and API documentation, two subdomains with open ports (8123 and 9000) stood out:

  • oauth2callback.deepseek.com
  • dev.deepseek.com

Further examination revealed that these ports led to a publicly exposed ClickHouse database, accessible without any authentication. ClickHouse is an open-source, columnar database management system designed for fast analytical queries on large datasets. The absence of security measures allowed unrestricted access to the database’s contents.
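A defender can check their own ClickHouse deployment for the condition described above (a server listening on all interfaces with a user that needs no credentials). The following is an added example, not code from Wiz Research or DeepSeek; the sample configuration is constructed, and the element names assume ClickHouse's stock config.xml and users.xml layout.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample configs (not DeepSeek's): server bound to every
# interface, passwordless "default" user allowed from any source address.
SAMPLE_CONFIG = """<clickhouse>
  <listen_host>::</listen_host>
  <http_port>8123</http_port>
  <tcp_port>9000</tcp_port>
</clickhouse>"""
SAMPLE_USERS = """<clickhouse><users>
  <default>
    <password></password>
    <networks><ip>::/0</ip></networks>
  </default>
  <reporting>
    <password_sha256_hex>PLACEHOLDER_HASH</password_sha256_hex>
    <networks><ip>10.0.0.0/8</ip></networks>
  </reporting>
</users></clickhouse>"""

CREDENTIAL_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")
EXTERNAL_AUTH_TAGS = ("ldap", "kerberos", "ssl_certificates")


def allows_any_source(cidr):
    """True when an <ip> entry is a /0 network such as ::/0 or 0.0.0.0/0."""
    try:
        return ipaddress.ip_network(cidr.strip(), strict=False).prefixlen == 0
    except ValueError:
        return False


def audit(config_xml, users_xml):
    """Return findings for wildcard listeners and unauthenticated users."""
    findings = []
    cfg = ET.fromstring(config_xml)
    hosts = [(h.text or "").strip() for h in cfg.findall("listen_host")]
    if any(h in ("::", "0.0.0.0") for h in hosts):
        ports = [cfg.findtext(t) for t in ("http_port", "tcp_port") if cfg.findtext(t)]
        findings.append("listens on all interfaces, ports " + ", ".join(ports))
    for user in ET.fromstring(users_xml).iterfind("users/*"):
        has_secret = any((user.findtext(t) or "").strip() for t in CREDENTIAL_TAGS)
        external = any(user.find(t) is not None for t in EXTERNAL_AUTH_TAGS)
        if not (has_secret or external):
            findings.append(f"user {user.tag}: no password or external auth")
        if any(allows_any_source(ip.text or "") for ip in user.iterfind("networks/ip")):
            findings.append(f"user {user.tag}: allowed from any source address")
    return findings
```

Calling audit(SAMPLE_CONFIG, SAMPLE_USERS) returns three findings for the constructed weak configuration; a server bound to a private address with hashed passwords and restricted networks returns none.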

Security Implications

  1. Data Leakage and Privacy Risks

The database contained chat histories, which could reveal private conversations between users. If attackers accessed this data, they could analyze user interactions, exposing potentially confidential or sensitive information.

  2. API Key and OAuth Credential Exposure

The leaked database contained API keys and OAuth credentials, which act as digital passwords for communication between applications. If hackers obtained these keys, they could:

  • Gain unauthorized access to DeepSeek’s systems.
  • Modify or steal AI-generated data for their own purposes.
  • Exploit DeepSeek’s computing power for malicious activities.

  3. Potential for System Takeover

The database also contained backend system details, making it easier for hackers to map DeepSeek’s infrastructure and identify weak points.

This could lead to:

  • Data manipulation – Attackers could modify AI responses or training data.
  • Denial-of-service (DoS) attacks – Hackers could overload the system, causing crashes or slowdowns.
  • Credential stuffing attacks – If employee login details were exposed, hackers could attempt to access other DeepSeek systems using the same credentials.

The exposed database contained over a million log entries, including:

  • Chat Histories: Plaintext logs of user interactions.
  • API Keys: Sensitive credentials that could grant unauthorized access to DeepSeek’s services.
  • Backend Details: Information revealing internal system configurations and operations.
  • Operational Metadata: Data providing insights into the system’s functioning and structure.

Upon discovering these vulnerabilities, Wiz Research promptly notified DeepSeek. The company responded swiftly by securing the exposed database, mitigating the immediate risks associated with the data exposure.
