Fake OpenAI Privacy Filter Repo Delivers Windows Infostealer on Hugging Face
A clone of OpenAI's Privacy Filter on Hugging Face impersonated the legitimate model to distribute a Windows infostealer via a loader that downloads payloads through Base64, JSON Keeper, and PowerShell, then sets up a one-shot scheduled task to run the final malware and exfiltrate data (screenshots, crypto wallets, browser data) to a remote domain while attempting to evade detection by disabling AMSI/ETW; the repo peaked at #1 with about 244,000 downloads before being disabled, and researchers link it to similar loaders and ValleyRAT-related campaigns targeting open-source ecosystems.