Seek .(US:SKLTY) Zheng Quan Shi Bao Wang·2025-02-14 08:08Core Insights - The rapid popularity of the DeepSeek large model has led many companies and individuals to privatize its deployment, but most are operating in an unsecured manner [1][2] - A significant percentage of active Ollama model servers are exposed to the internet without authentication, increasing the risk of data breaches and service interruptions [1] - Security experts emphasize the need for immediate protective measures for those deploying DeepSeek services to mitigate potential threats [2] Group 1 - The monitoring platform by Qihoo 360 found that out of 8,971 Ollama model servers, 6,449 are active, with 88.9% operating without security measures [1] - The lack of security authentication has led to unauthorized access, which can result in data leaks and service disruptions [1][2] - Attackers can potentially issue commands to delete deployed DeepSeek and Qwen model files, posing a significant threat to system security [1] Group 2 - Automated scripts have been reported to scan for unsecured DeepSeek servers, leading to resource theft and server crashes for some users [2] - Six security vulnerabilities in the Ollama AI framework were disclosed, which could be exploited for various malicious activities, including DDoS attacks and model theft [2] - Experts recommend that all users of DeepSeek services implement effective security measures, such as modifying configurations and ensuring data transmission encryption [2]