Beijing: Major and sustained cyberattacks on the Chinese AI model DeepSeek originated in the US, Chinese media reported on Thursday.

According to Anadolu Agency, the cyberattack on DeepSeek began on Jan. 3 and peaked on Monday and Tuesday with a massive brute-force attack from US IP addresses, the South China Morning Post reported on Thursday, citing Yuyuan Tantian, a CCTV social media account. A cybersecurity expert told CCTV, China’s state media, that all the attack IPs were recorded and were from the US.

The earlier stage of the cyberattack contained more distributed denial-of-service (DDoS) attacks aimed at disrupting DeepSeek’s normal service by overwhelming its servers and bandwidth with a flood of internet traffic. The more recent attacks were primarily brute-force attacks aimed at cracking user IDs and passwords to understand how DeepSeek works, CCTV reported, citing a report from China’s cybersecurity firm QAX Technology Group.

Separately, US President Donald Trump’s Commerce Secretary nominee Howard Lutnick alleged on Wednesday that DeepSeek allegedly misused American technology. Earlier this month, DeepSeek released its open-source AI model, R1, which mimics human reasoning and challenges the dominance of OpenAI and US competitors like Google and Meta.

DeepSeek, a large language model, operates with significantly lower resource consumption than its rivals, including US-based OpenAI’s ChatGPT and Google’s Gemini. Its rapid rise in popularity across global mobile app stores triggered stock losses of up to almost $1 trillion in market value for major Western tech firms such as Nvidia.