
"The repository had typosquatted OpenAI's legitimate Privacy Filter release, copied its model card nearly verbatim, and shipped a loader.py file that fetches and executes infostealer malware on Windows machines,"
"Once launched, the Python script triggers malicious code responsible for disabling SSL verification, decoding a Base64-encoded URL hosted on JSON Keeper, and using it to extract a command that's passed to PowerShell for subsequent execution."
"The PowerShell command is used to download a batch script from a remote server ("api.eth-fastscan[.]org") and launch it using "cmd.exe." The batch script functions as a second-stage downloader that prepares the environment by e"
A malicious Hugging Face repository appeared on the platform’s trending list by impersonating OpenAI’s open-weight Privacy Filter model. The repository used a similar name, copied the legitimate model’s description, and included a loader.py file that fetches and executes malware on Windows systems. The malicious project instructed users to clone the repository and run start.bat on Windows or loader.py on Linux and macOS to install dependencies and start the model. When launched, the Python script disabled SSL verification, decoded a Base64-encoded URL from a JSON paste service, and used it to obtain a command executed through PowerShell. The PowerShell command downloaded a remote batch script and launched it with cmd.exe, enabling staged payload delivery and payload switching.
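A static pre-run check for the loader behaviour described in the summary, as an added example (not code from the article or from the malicious repository): it parses a Python file with `ast`, without executing it, and reports whether SSL verification is disabled, a Base64 decode occurs, and PowerShell is invoked. The function names, indicator labels and both sample scripts are constructed for illustration.

```python
import ast

SSL_OFF_ATTRS = {"_create_unverified_context", "CERT_NONE"}
B64_FUNCS = {"b64decode", "urlsafe_b64decode"}
EXEC_FUNCS = {"run", "Popen", "call", "check_call", "check_output", "system"}
CHAIN = {"ssl_verification_disabled", "base64_decode", "powershell_exec"}

# Constructed samples: parsed as text only, never executed.
SAMPLE_SUSPICIOUS = '''
import ssl, base64, subprocess
ssl._create_default_https_context = ssl._create_unverified_context
url = base64.b64decode("UExBQ0VIT0xERVI=").decode()
subprocess.run(["powershell", "-Command", cmd])
'''
SAMPLE_BENIGN = '''
import base64
print(base64.b64decode("aGVsbG8="))
'''

def _call_name(call):
    # Last component of the callee: "run" for subprocess.run(...)
    f = call.func
    return f.attr if isinstance(f, ast.Attribute) else getattr(f, "id", "")

def _has_powershell_literal(call):
    # Any string literal inside the call that mentions powershell
    return any(isinstance(n, ast.Constant) and isinstance(n.value, str)
               and "powershell" in n.value.lower() for n in ast.walk(call))

def scan_loader(source):
    """Return the indicator names found in Python source text."""
    found = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Attribute) and node.attr in SSL_OFF_ATTRS:
            found.add("ssl_verification_disabled")
        if not isinstance(node, ast.Call):
            continue
        name = _call_name(node)
        if any(k.arg == "verify" and isinstance(k.value, ast.Constant)
               and k.value.value is False for k in node.keywords):
            found.add("ssl_verification_disabled")
        if name in B64_FUNCS:
            found.add("base64_decode")
        if name in EXEC_FUNCS and _has_powershell_literal(node):
            found.add("powershell_exec")
    return found

def is_high_risk(source):
    """True when all three behaviours from the summary occur together."""
    return CHAIN <= scan_loader(source)
```

Matching on literals misses obfuscated or dynamically built strings, so a clean result does not show that a loader is safe to run.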
Read at The Hacker News