On a day that American equities markets took a hammering after investors started to pay attention to its latest artificial intelligence models, Chinese AI startup DeepSeek experienced “large-scale malicious attacks” on its services, forcing the company to limit signups temporarily.

The company has not disclosed the exact form of the attack. The attacks did not take the service offline completely, only causing the company to limit signups. A banner on the DeepSeek site reads, “Due to large-scale malicious attacks on DeepSeek’s services, registration may be busy. Please wait and try again. Registered users can log in normally.”

The obvious candidate would be a distributed denial-of-service attack, one that has not been entirely successful, enough traffic to start to cause issues but not enough to take service down completely.

It could also be possible that the problems could be in part the result of a massive surge of users seeking to sign up for and access DeepSeek’s free service. DeepSeek’s application hit the top of the Apple Store’s top free apps charts in the U.S. earlier today, not only beating OpenAI’s ChatGPT but also bringing millions of new users to the service.

It’s not impossible that DeepSeek didn’t plan for the surge of new users. Very few, if any, people would have expected Monday to see the service not only surge to the top of the app charts but also knock 3.1% off the Nasdaq and 1.5% off the S&P 500.

Investor concerns over DeepSeek are that the company trains its AI models for far less than rival American companies.  The company’s R1 reasoning model, released last week and offered for free and under an open-source license, is reported to have cost just $5.58 million to train, a small fraction of the cost other models have reportedly cost to train.

Core to the AI investment surge and even announcements such as Project Stargate has been, until now, a belief that training new AI models is highly costly and requires more and more computing power. DeepSeek has thrown that idea on its head.

Discussing the attack, Stephen Kowski, field chief technology officer at cloud email security provider SlashNext Inc., told SiliconANGLE via email that the “surge in DeepSeek’s popularity, particularly overtaking ChatGPT on Apple’s App Store, naturally attracts diverse threat actors ranging from hacktivists to sophisticated state-sponsored groups seeking to exploit or disrupt this emerging AI platform.”

“While DDoS attacks are an obvious concern, the more insidious threats likely involve probing URL Parameters, API endpoints and input validation mechanisms to manipulate or compromise the AI model’s responses potentially,” Kowski explains. “The motivations span from competitive intelligence gathering to potentially using the infrastructure as a launchpad for broader attacks, especially given the open-source nature of the technology. The high-profile success and advanced AI capabilities make DeepSeek an attractive target for opportunistic attackers and those seeking to understand or exploit AI system vulnerabilities.”

Image: SiliconANGLE/Ideogram