Googling it points to a Chinese IoT company, so I am thinking maybe they have some IoT software with known vulnerability where they have seekcy as the ssh username that is being actively scanned for.