A malicious Hugging Face repository impersonating OpenAI's 'Privacy Filter' project reached #1 on the platform's trending list and accumulated 244,000 downloads before being removed. The repository contained a loader.py Python script that appeared to be AI-related code but secretly fetched and executed a PowerShell command chain, ultimately deploying a Rust-based infostealer. The malware targets browser credentials, Discord tokens, cryptocurrency wallets, SSH/FTP/VPN configs, and system data, exfiltrating everything to a C2 server. It also includes extensive anti-analysis features. Researchers at HiddenLayer linked the infrastructure to other malicious repositories and an npm typosquatting campaign distributing the WinOS 4.0 implant. Affected users are advised to reimage machines, rotate all credentials, and replace crypto wallets.
Table of contents
Related Articles:Sort: