A fake OpenAI repository hit #1 on Hugging Face's trending list and stole browser passwords from anyone who ran the code. Here's how the trick worked.

On April 22nd, OpenAI released a real open-weight model on Hugging Face called Privacy Filter, a tool that detects and redacts personal information locally. Two weeks later, an account named Open-OSS posted a fake repo with the same name and a model card copy-pasted nearly verbatim. Researchers at HiddenLayer flagged it on May 7th. By then it had reached number one on the trending list with 244,000 downloads, though HiddenLayer notes the count may have been inflated and most of the 667 accounts that liked the repo appear to be auto-generated.

The fake repo's install instructions told users to clone it and run an included setup script: a batch file on Windows, or a script called loader.py on Linux and Mac. That script disabled SSL verification, decoded a hidden URL, and fetched a PowerShell command that ran in an invisible window. The PowerShell pulled down another batch file, escalated to admin, dropped a Rust-based infostealer called sefirah, added it to Microsoft Defender's exclusions, and ran it. Sefirah targets cookies, saved passwords, and encryption keys from Chrome, Edge, Firefox, and other major browsers.

Hugging Face removed the repo after reports came in.

Source: https://www.bleepingcomputer.com/news/security/fake-openai-repository-on-hugging-face-pushes-infostealer-malware/

More on cybersecurity, privacy, scams, and homelab on Hake Hardware. New shorts every weekday.

#cybersecurity #huggingface #infostealer
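
As an added example (not code from HiddenLayer, BleepingComputer or the video), here is a static check a defender could run over a cloned repo's setup script before executing it, flagging the behaviours described above. The rule names, regexes and sample lines are constructed for illustration, and base64 is an assumed encoding for the hidden URL, which the description does not specify.

```python
import base64
import re

# Rules mirror the behaviours described above; the patterns are this example's own.
RULES = {
    "tls-verification-disabled": re.compile(
        r"verify\s*=\s*False|_create_unverified_context|CERT_NONE"),
    "hidden-powershell": re.compile(
        r"powershell(\.exe)?\b.*-w(indowstyle)?\s+hidden", re.I),
    "defender-exclusion": re.compile(r"(Add|Set)-MpPreference\b.*-Exclusion", re.I),
}
# Quoted base64 literals of 16+ characters (assumed encoding, see lead-in).
B64_LITERAL = re.compile(r"""["']([A-Za-z0-9+/]{16,}={0,2})["']""")

# Constructed sample lines, not taken from the real loader.
_ENC = base64.b64encode(b"https://example.invalid/next").decode()
SAMPLE = "\n".join([
    "import base64, requests",
    f'u = base64.b64decode("{_ENC}")',
    "requests.get(u, verify=False)",
    'powershell -WindowStyle Hidden -Command "..."',
    "Add-MpPreference -ExclusionPath C:\\Users\\Public",
    "print('setup complete')",
])

def hidden_urls(line):
    """Return URLs that only become visible after base64-decoding a literal."""
    found = []
    for literal in B64_LITERAL.findall(line):
        try:
            text = base64.b64decode(literal, validate=True).decode("ascii")
        except (ValueError, UnicodeDecodeError):
            continue  # not valid base64, or decodes to binary: ignore
        if re.match(r"https?://", text):
            found.append(text)
    return found

def scan(source):
    """Return (line_number, rule, detail) findings for one script's text."""
    findings = []
    for number, line in enumerate(source.splitlines(), start=1):
        for rule, pattern in RULES.items():
            if pattern.search(line):
                findings.append((number, rule, line.strip()))
        for url in hidden_urls(line):
            findings.append((number, "encoded-url", url))
    return findings
```

Any finding is a reason to read the script before running it, not proof of malice; legitimate installers occasionally trip the TLS rule.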
