A sophisticated malware campaign exploited the Hugging Face machine learning platform to distribute an information-stealing trojan to Windows users through a fake repository that briefly became the platform's top trending project. The malicious repository, named Open-OSS/privacy-filter, accumulated roughly 244,000 downloads and hundreds of likes before Hugging Face removed it from the platform.
Hugging Face, a popular platform for sharing machine learning models and datasets, has become an increasingly attractive target for threat actors seeking to reach technical audiences. The malicious repository masqueraded as a legitimate privacy tool, using a name that would appeal to security-conscious developers and researchers. By exploiting the platform's trending algorithm, the attackers gained significant visibility and credibility among users who typically trust highly-ranked projects.
The payload delivered through the repository was a Rust-based infostealer designed specifically for Windows systems. Rust has become increasingly popular among malware developers due to its performance characteristics and ability to evade some traditional detection methods. The infostealer likely targeted sensitive information such as credentials, browser data, cryptocurrency wallets, and other valuable data stored on infected systems. Security researchers believe the threat actor artificially manipulated engagement metrics to boost the repository's ranking and reach the top trending position.
The incident highlights growing security risks in open-source software repositories and machine learning platforms. With nearly a quarter million downloads before detection, the campaign potentially compromised a significant number of systems belonging to developers, researchers, and organizations using the platform. The attack demonstrates how threat actors can weaponize trust mechanisms and popularity indicators to distribute malware at scale through legitimate platforms.
Users who downloaded or interacted with the Open-OSS/privacy-filter repository should immediately scan their systems with updated antivirus software and assume their credentials may be compromised. Organizations should rotate passwords and API keys for any accounts accessed from potentially affected systems, enable multi-factor authentication where available, and monitor for suspicious account activity. Security teams should also review their software supply chain processes to include verification steps for dependencies downloaded from public repositories, even those with high popularity metrics.
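The dependency verification step the paragraph above calls for, as an added example that is not code from the article or from Hugging Face: it gates a downloaded repository snapshot on what the files actually contain rather than on download counts or likes. The blocked and review suffix lists, the PE-magic check and the pinned hashes are assumptions about what a model or dataset repository should and should not contain; the article does not say how the malicious repository packaged its payload, and the sample snapshot is constructed for the demo.

```python
"""Pre-use gate for a downloaded model/dataset snapshot (added example)."""
import hashlib
import tempfile
from pathlib import Path

# File types a model/dataset repository has no reason to ship (assumption).
BLOCKED_SUFFIXES = {".exe", ".dll", ".scr", ".bat", ".cmd", ".ps1", ".msi"}
# Formats that run code when loaded and deserve review rather than blind use.
REVIEW_SUFFIXES = {".pkl", ".pickle", ".bin", ".pt", ".pth"}


def classify_file(path: Path) -> str:
    """Return 'block', 'review' or 'ok' for one file in a snapshot."""
    suffix = path.suffix.lower()
    with path.open("rb") as fh:
        head = fh.read(4)
    # A Windows PE image starts with "MZ" whatever extension it was given.
    if head[:2] == b"MZ" or suffix in BLOCKED_SUFFIXES:
        return "block"
    if suffix in REVIEW_SUFFIXES:
        return "review"
    return "ok"


def audit_snapshot(root: Path, pinned: dict) -> dict:
    """Walk a snapshot; report findings and SHA-256 mismatches against pins."""
    findings, mismatches = [], []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        verdict = classify_file(path)
        if verdict != "ok":
            findings.append((rel, verdict))
        digest = hashlib.sha256(path.read_bytes()).hexdigest()
        if rel in pinned and pinned[rel] != digest:
            mismatches.append(rel)
    blocked = any(v == "block" for _, v in findings) or bool(mismatches)
    return {"blocked": blocked, "findings": findings, "mismatches": mismatches}


def demo() -> dict:
    """Constructed snapshot: a config, a pickle, and a PE stub under a benign name."""
    root = Path(tempfile.mkdtemp())
    config = b'{"model_type": "filter"}'
    (root / "config.json").write_bytes(config)
    (root / "weights.pkl").write_bytes(b"\x80\x04N.")  # constructed pickle bytes
    (root / "filter.safetensors").write_bytes(b"MZ\x90\x00" + b"\x00" * 60)
    pins = {"config.json": hashlib.sha256(config).hexdigest()}  # hash pinned at review time
    return audit_snapshot(root, pins)


if __name__ == "__main__":
    print(demo())
```

In practice the pinned hashes come from a snapshot you reviewed once and recorded, so a later "update" that swaps a file in is flagged even when the repository's popularity metrics look healthy.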
Source: https://gbhackers.com/trending-hugging-face-repo/