
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads – The Hacker News

Fake OpenAI Filter Spreads Malware to Windows Users

A rogue repository, masquerading as OpenAI’s Privacy Filter model, has reached the top of Hugging Face’s trending list, snagging over **244,000 downloads** in the process. The malicious repository, which has since been removed, exploited the trust associated with OpenAI’s name to distribute a stealthy infostealer malware to unsuspecting Windows users.

The Hugging Face repository, which was posted in early May, claimed to offer an open-weight version of OpenAI’s Privacy Filter model – a tool used for detecting sensitive information in text. But, as researchers later discovered, the supposed “filter” was actually a Rust-based infostealer designed to siphon sensitive data from compromised systems.

Malicious Code Identified

According to security researchers, the fake repository contained a **13,000-line** codebase, written in Rust, that aimed to collect and transmit sensitive information to a command and control server. The malware, which was designed to operate on Windows systems, targeted user credentials, browser history, and other sensitive data.

Researchers have identified the malware as a relatively sophisticated piece of code, which employed techniques such as code obfuscation and anti-debugging measures to evade detection by security software. The use of Rust, a language known for its performance and security features, only added to the malware’s stealth capabilities.

Hugging Face Responds to Controversy

Following the discovery of the malicious repository, Hugging Face took swift action to remove the offending repository and issue a warning to its users. In an official statement, the company emphasized its commitment to user safety and security, stating, “We take these incidents very seriously and are constantly working to improve our moderation processes to prevent such events from happening in the future.”

While the removal of the repository and the subsequent warning may have mitigated the damage, the incident serves as a stark reminder of the potential risks associated with open-source repositories and the importance of verifying the authenticity of software before installation.
