Fake OpenAI Repository on Hugging Face Distributes Infostealer
A malicious repository impersonating OpenAI's "Privacy Filter" project on Hugging Face was used to distribute information-stealing malware.
A malicious repository on the Hugging Face platform was discovered impersonating OpenAI's "Privacy Filter" project. The repository reached the platform's trending list and was used to distribute information-stealing malware to Windows users [BleepingComputer].
The malware is designed to target sensitive data on the victim's machine, including browser credentials, session cookies, and other personal information. By masquerading as a legitimate tool from a well-known AI company, the attackers leveraged the trust associated with the OpenAI brand to entice developers and users into downloading the malicious payload.
Hugging Face has been notified of the incident, and users are advised to verify the authenticity of repositories before downloading and executing any code. Security teams should audit their environments for any artifacts related to this malicious project and rotate credentials that may have been exposed on compromised systems.
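One way to apply the advice to verify a repository's authenticity before downloading, shown as an added example that is not from the original article: a pre-download gate that trusts only pinned publisher namespaces and flags lookalikes for review, regardless of trending status. The allowlist, the repository names, and the similarity threshold are assumptions constructed for illustration; the article does not say how the fake repository was named.

```python
import re
from difflib import SequenceMatcher

# Assumption: publisher namespaces your organisation has verified out of band.
TRUSTED_NAMESPACES = {"openai"}
SIMILARITY_THRESHOLD = 0.8  # assumption: tune against your own review data

# Accepts "namespace/name" or a huggingface.co URL to a model, dataset or space.
_REPO_RE = re.compile(
    r"^(?:https?://huggingface\.co/)?(?:(?:datasets|spaces)/)?"
    r"(?P<ns>[A-Za-z0-9][A-Za-z0-9._-]*)/(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)/?$"
)
_DIGIT_SWAPS = str.maketrans("013", "oie")


def _skeleton(namespace: str) -> str:
    """Fold case, separators and common digit-for-letter swaps."""
    return re.sub(r"[._-]", "", namespace.lower().translate(_DIGIT_SWAPS))


def classify(repo_ref: str) -> str:
    """Return 'trusted', 'lookalike', 'unknown' or 'invalid' for a repo reference."""
    match = _REPO_RE.match(repo_ref.strip())
    if not match:
        return "invalid"
    namespace = match.group("ns")
    # Exact match only: anything that merely resembles a trusted name is suspect.
    if namespace in TRUSTED_NAMESPACES:
        return "trusted"
    candidate = _skeleton(namespace)
    for trusted in TRUSTED_NAMESPACES:
        target = _skeleton(trusted)
        similar = SequenceMatcher(None, candidate, target).ratio()
        if target in candidate or similar >= SIMILARITY_THRESHOLD:
            return "lookalike"  # block the download and send for manual review
    return "unknown"  # not impersonation by name, but not vetted either


if __name__ == "__main__":
    # Constructed sample references; none are taken from the incident.
    for ref in (
        "openai/example-model",
        "https://huggingface.co/0penAI/example-model",
        "open-ai-official/example-model",
        "opneai/example-model",
        "example-lab/example-model",
    ):
        print(f"{classify(ref):9s} {ref}")
```

A "trusted" result only confirms the publisher namespace; pinning a specific revision and scanning downloaded files remain separate checks.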