from Hacker News

Static analysis of the DeepSeek Android app

by mbac32768 on 2/7/25, 4:18 PM with 5 comments

  • by asimpleusecase on 2/7/25, 4:29 PM

    It would be good to do this kind of analysis on apps that have more than 10 million users - but in the mean time , has someone done this analysis on TicTok?

  • by mbac32768 on 2/7/25, 4:18 PM

    tl;dr it does aggressive device fingerprinting, root detection, has anti-tampering mechanisms, bundles native code and has dynamic code loading and execution facilities.

    IMO, none of which should be necessary for an app like this

    A dynamic analysis is still needed to confirm what it actually does.

    I decided to do this after a researcher found obfuscated surveillance code in the web app https://apnews.com/article/deepseek-china-generative-ai-inte...

    NowSecure found similar not great runtime behavior in the iOS mobile app https://www.nowsecure.com/press-releases/nowsecure-urges-ent...