BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Fake OpenAI Model on Hugging Face Spreads Malware

Fake Hugging Face model used bots to spread infostealer malware targeting developers

  • A fake Hugging Face repo impersonating OpenAI‘s Privacy Filter model reached #1 trending, using bots to inflate its popularity.
  • The Malware delivered a sophisticated six-stage infostealer designed to steal crypto wallet keys, browser data, and Discord tokens.
  • Security researchers at HiddenLayer linked the attack to a broader campaign targeting AI developers with malicious lookalike models.
  • Victims who ran the code must treat their machines as fully compromised and move crypto assets immediately.

A malicious repository impersonating OpenAI‘s Privacy Filter model surged to the top of Hugging Face‘s trending page in late April. The fake repo, uploaded by an account named “Open-OSS,” amassed approximately 244,000 downloads and 667 likes in under 18 hours before removal.

- Advertisement -

According to the security firm HiddenLayer, 657 of those likes came from bot accounts. This manufactured social proof effectively disguised the bait, which instructed users to run a file called start.BAT.

Consequently, executing the file triggered a complex, multi-stage infection. The malware secretly downloaded a final payload written in Rust that harvested sensitive data from Windows machines.

The infostealer comprehensively targeted browser passwords, Discord tokens, and cryptocurrency wallet seed phrases. It also collected SSH keys and took screenshots before exfiltrating everything to attacker-controlled servers.

This incident is part of a larger pattern, as HiddenLayer identified six additional malicious repositories. Those repos impersonated other popular AI models like Qwen3 and DeepSeek to lure developers.

- Advertisement -

The campaign’s infrastructure, a domain mimicking a blockchain analytics API, was also observed Hosting separate malware. This strategy mirrors a 2024 supply chain attack that cost one user 10 Bitcoin.

Anyone who cloned and ran the repository must treat their device as fully compromised. All stored credentials should be considered stolen and crypto funds must be moved to a new wallet from a clean device.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Saylor’s ‘Orange Dots’ Signal Fails to Clarify Bitcoin Strategy

Strategy founder Michael Saylor posted a cryptic signal on Sunday, prompting analysts to call...

Crypto’s $2T Crash Awaits BlackRock Shock & FOMO

Bitcoin has stabilized near $60,000 after a downturn erased $2 trillion from the crypto...

Cambridge: Ethereum Energy Intensity Low, Overall Use High

Ethereum consumes roughly 7.87 GWh annually, the second-lowest energy intensity per market value among...

Saylor and Back oppose BIP-110 fork over Bitcoin security fears

Michael Saylor and Adam Back have publicly opposed BIP-110, a temporary Bitcoin fork proposal...

China, India groups target Pakistani police in cyber espionage

Suspected China- and India-aligned threat actors targeted Pakistani law enforcement in a sustained cyber...

Must Read

Top 5 Testing Tools For Blockchain Applications in 2022

Blockchain apps have been adopted popularly by some prominent industries due to its being a decentralized-designed technology. Furthermore, these apps eliminate the risks that...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading