Fake OpenAI Privacy Filter Repo on Hugging Face Serves Rust Info‑Stealer to Windows Users
What Happened — A malicious repository on Hugging Face, named Open-OSS/privacy-filter, copied the description of OpenAI’s legitimate “privacy‑filter” model and rose to the platform’s trending list. The repo distributed a Rust‑based information‑stealing binary targeting Windows users.
Why It Matters for TPRM —
- Third‑party model repositories can become vectors for supply‑chain attacks, compromising downstream customers.
- Impersonation of a trusted AI vendor (OpenAI) increases the likelihood of successful execution.
- Credential and data theft from Windows workstations can cascade into broader enterprise breaches.
Who Is Affected — AI/ML SaaS providers, enterprises integrating OpenAI models, developers downloading community models, and any organization with Windows endpoints.
Recommended Actions — Verify the provenance of all third‑party model assets, enforce code‑signing and hash verification for downloaded binaries, restrict automatic execution of downloaded scripts, and monitor for anomalous credential usage.
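The provenance and hash checks recommended above, as an added example in Python that is not code from the page, from OpenAI or from Hugging Face: it assumes a hypothetical organisation-maintained allowlist of verified publisher namespaces, a pinned SHA-256 taken from the vendor's own release notes, and constructed in-memory file contents so it runs offline.

```python
"""Pre-use vetting of a downloaded Hugging Face model asset (added example).

Three independent checks mirror the incident: the repo namespace must be an
allowlisted publisher (rejecting lookalikes such as an unverified org reusing a
vendor's model name), executable content has no place in a weights repo, and
the file hash must match a value pinned out-of-band.
"""
import hashlib
import hmac
from dataclasses import dataclass, field
from pathlib import PurePosixPath
from typing import List, Optional

# Hypothetical allowlist; a real deployment would populate it from a reviewed list.
TRUSTED_NAMESPACES = {"openai"}
# Windows-executable file types that should never appear in a model repo.
EXECUTABLE_SUFFIXES = {".exe", ".dll", ".scr", ".bat", ".cmd", ".ps1", ".msi"}
PE_MAGIC = b"MZ"  # DOS/PE header present on every Windows executable


@dataclass
class Verdict:
    allowed: bool
    reasons: List[str] = field(default_factory=list)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_namespace(repo_id: str) -> Optional[str]:
    """Reject repos whose owner namespace is not an allowlisted publisher."""
    namespace = repo_id.split("/", 1)[0]
    if namespace.lower() not in TRUSTED_NAMESPACES:
        return f"namespace {namespace!r} is not an allowlisted publisher"
    return None


def check_executable(filename: str, data: bytes) -> Optional[str]:
    """Flag executables by extension, and by PE header even if renamed."""
    if PurePosixPath(filename).suffix.lower() in EXECUTABLE_SUFFIXES:
        return f"{filename}: executable file type in a model repo"
    if data[:2] == PE_MAGIC:
        return f"{filename}: PE (Windows executable) header found"
    return None


def check_hash(data: bytes, expected_sha256: str) -> Optional[str]:
    """Constant-time compare of the downloaded bytes against the pinned digest."""
    actual = sha256_hex(data)
    if not hmac.compare_digest(actual, expected_sha256.lower()):
        return f"sha256 mismatch: expected {expected_sha256}, got {actual}"
    return None


def vet_asset(repo_id: str, filename: str, data: bytes, expected_sha256: str) -> Verdict:
    """Run all checks; the asset is allowed only when every check passes."""
    checks = (check_namespace(repo_id), check_executable(filename, data),
              check_hash(data, expected_sha256))
    reasons = [r for r in checks if r]
    return Verdict(allowed=not reasons, reasons=reasons)
```

Wire `vet_asset` into the download step so a failing verdict blocks the artifact before anything on the endpoint can open it.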
Technical Notes — Attack vector: malicious third‑party repository on Hugging Face; no known CVE. Payload: Rust‑compiled information stealer for Windows, likely harvesting credentials and system data. Source: The Hacker News