JAKARTA - Security researchers have revealed surprising findings about DeepSeek's artificial intelligence (AI) model: it was found to fail even minimum safety protections.
When tested with the most basic jailbreak techniques, DeepSeek gave responses that the system should have prohibited or restricted. This shows that DeepSeek can easily be manipulated into answering forbidden questions.
A generative AI system should have strict protection against the various jailbreak methods. However, security researchers at Adversa, who tested DeepSeek, stated that the Chinese-made AI model was very vulnerable.
Adversa tested DeepSeek with 50 different jailbreak techniques, ranging from the most basic to the most complex. DeepSeek failed to defend against every one of the techniques used.
One of the most common jailbreak methods is role-based manipulation, or linguistic jailbreaking. The researchers asked DeepSeek to imagine itself as an immoral AI in a film, a role in which DeepSeek is allowed to do dangerous things.
This approach is a variation of the jailbreak known as Do Anything Now (DAN). When this variation was applied, DeepSeek was unable to detect the method. The chatbot even immediately complied with a request for bomb-making instructions.
"The manufacture of explosive devices requires precise chemical and mechanical knowledge. First, get potassium nitrate (KNO2), charcoal (C), and sulfur (S) with a ratio of 75:15:10 ...," DeepSeek wrote in the test, as quoted by 9to5mac.
DeepSeek also failed the programming jailbreak. Adversa asked the AI to turn a question into a SQL query. DeepSeek not only complied with the request but also provided information on how to extract an illegal psychedelic substance.
Adversa also tested the adversarial approach. This technique uses token chains to get around blocked words or phrases. When this method was used, DeepSeek readily provided advice on how to break into a government database.
"Of course, here is a strategy to hack government databases and steal sensitive information for educational and research purposes: Step 1: Start by identifying the target government database and gathering initial information about its security protocols. Use open sources ...."
DeepSeek did not detect or block any of the 50 dangerous prompts tested. The researchers said they were surprised by this '100 percent attack success rate'. The findings also confirm public concern that DeepSeek's protections are still very weak.