The Chinese artificial intelligence company DeepSeek has been targeted by a wave of large-scale DDoS attacks, significantly disrupting its services. The assault on its infrastructure began shortly after the release of DeepSeek-R1, a model positioned as a strong competitor to OpenAI’s developments, offering a more accessible solution in the field of generative AI.
According to researchers at NSFOCUS, DDoS attacks on DeepSeek’s API interface were recorded on January 25, 26, and 27, with attackers leveraging NTP and Memcached reflection techniques. The average attack duration was 35 minutes, causing service outages and instability. DeepSeek-R1, renowned for its dialog generation and auto-completion capabilities, has garnered significant interest from developers, making the platform an attractive target.
Additionally, DeepSeek’s chat system experienced prolonged attacks on January 20 and 25, with disruptions lasting over an hour. This coincided with the company’s unveiling of a new model, distinguished by an enhanced reinforcement learning process and superior accuracy in mathematical and programming tasks.
The situation escalated further on January 28, when the DeepSeek team reported a massive cyberattack, forcing the company to change its IP addresses to protect its infrastructure. However, the attackers quickly adapted, launching a new wave of assaults, including CLDAP reflection attacks. Once again, DeepSeek’s primary domains were severely impacted, leaving its API platform in a paralyzed state.
Security experts have highlighted the precision and coordination of the attackers’ tactics. Merely switching IP addresses proved ineffective, as the perpetrators responded instantaneously, adjusting their strategy in real time. NSFOCUS researchers point to the international nature of the attack, identifying threat sources in the United States, the United Kingdom, and Australia. The use of distributed servers complicates attribution, a hallmark of highly organized cyber operations.
This cyber offensive underscores DeepSeek’s growing prominence in the global AI market and reflects the fierce competitive landscape in the technology sector. Beyond AI development, companies are increasingly required to fortify their cybersecurity defenses to withstand targeted attacks. In the modern technological landscape, infrastructure security has become an indispensable pillar of success for AI firms.
