

How can disabling ATS facilitate man-in-the-middle (MitM) attacks in DeepSeek


Disabling App Transport Security (ATS) in the DeepSeek iOS app significantly facilitates man-in-the-middle (MitM) attacks by allowing unencrypted data transmission. The resulting risks break down as follows:

1. Unencrypted Data Transmission: ATS is an iOS feature designed to enforce HTTPS connections, ensuring that data is transmitted securely over the internet. By disabling ATS, DeepSeek allows its app to send data over unencrypted HTTP channels. This means that any data transmitted between the app and DeepSeek's servers can be intercepted and read by an attacker with control over the network[6][8].

2. Man-in-the-Middle Attacks: In a MitM attack, an attacker positions themselves between the user's device and the server. By intercepting unencrypted data, the attacker can not only read sensitive information but also modify it. This could lead to unauthorized access to user accounts or manipulation of data exchanged between the user and the app[1][4].

3. Exploitation of Network Vulnerabilities: When ATS is disabled, DeepSeek's app becomes more susceptible to attacks on networks that are not secure. For instance, if a user connects to a public Wi-Fi network that is compromised, an attacker could easily intercept and manipulate the data being transmitted by the app[6][8].

4. Increased Risk of Data Exposure: The lack of encryption and the ability to intercept data make it easier for attackers to obtain sensitive information such as usernames, passwords, or other personal data. This information can be used for identity theft, unauthorized access, or other malicious activities[1][4].

5. Potential for Data Manipulation: Beyond just intercepting data, an attacker in a MitM position can also modify the data being transmitted. This could lead to unauthorized actions being performed on behalf of the user or the introduction of malware into the communication stream[4][6].

In summary, disabling ATS in the DeepSeek app creates a significant security risk by allowing unencrypted data transmission, which can be exploited by attackers to intercept, read, and manipulate sensitive user data. This vulnerability makes users more susceptible to MitM attacks and underscores the importance of robust security measures in mobile applications.

Citations:
[1] https://gizmodo.com/cybersecurity-experts-warn-of-deepseek-vulnerabilities-as-governments-ban-app-2000561633
[2] https://www.bankinfosecurity.com/security-researchers-warn-new-risks-in-deepseek-ai-app-a-27486
[3] https://www.strongdm.com/blog/man-in-the-middle-attack-prevention
[4] https://www.nowsecure.com/blog/2025/02/06/nowsecure-uncovers-multiple-security-and-privacy-flaws-in-deepseek-ios-mobile-app/
[5] https://securityscorecard.com/blog/a-deep-peek-at-deepseek/
[6] https://www.linkedin.com/pulse/deepseek-apps-security-failures-how-all-could-have-been-ted-miracco-iudyc
[7] https://www.computerweekly.com/news/366618596/DeepSeek-API-chat-log-exposure-a-rookie-cyber-error
[8] https://krebsonsecurity.com/2025/02/experts-flag-security-privacy-risks-in-deepseek-ai-app/
[9] https://www.memcyco.com/6-ways-to-prevent-man-in-the-middle-mitm-attacks/
[10] https://www.appdome.com/dev-sec-blog/how-enterprises-can-defend-against-deepseek-ai-mobile-security-threats/
[11] https://www.csis.org/analysis/delving-dangers-deepseek