WARNING: Open-OSS/privacy-filter MALWARE

Reddit r/LocalLLaMA News

Summary

A malicious repository on Hugging Face posing as an OpenAI privacy filter has been identified as a Windows infostealer virus using Python and PowerShell droppers.

There's this new "model" on Hugging Face titled `Open-OSS/privacy-filter` which is actually a customized infostealer virus. It's a fake version of the OpenAI privacy filter and it uses a Python-based dropper (`loader.py`) which downloads a malicious PowerShell command from the internet, which spawns another PowerShell command and downloads a shady EXE file and runs it using Task Scheduler.

Here's a behavior analysis of what the EXE does: https://tria.ge/260507-tnftrsfx5x/behavioral1

I also reported both the dropper and the EXE to Microsoft. I also reported the repo to HF. If you use Linux (which is easier to use for AI/ML) you are unaffected as this is a Windows virus.
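A static triage for the Python files in a downloaded model repo, added here as a defender's example (not code from the post or from Hugging Face): it parses each file without running it and flags process launches, network fetches, and PowerShell or Task Scheduler command strings of the kind the post attributes to `loader.py`. The call lists, marker strings, and the sample input are assumptions constructed for illustration.

```python
import ast
from pathlib import Path

EXEC = {"subprocess.run", "subprocess.Popen", "subprocess.call",
        "subprocess.check_output", "os.system", "os.popen", "os.startfile"}
FETCH = {"urllib.request.urlopen", "urllib.request.urlretrieve", "requests.get"}
MARKERS = ("powershell", "schtasks")  # shell / Task Scheduler command names

def dotted(node, aliases):  # resolve sp.Popen -> "subprocess.Popen"
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return None
    return ".".join([aliases.get(node.id, node.id), *reversed(parts)])

def scan_source(source, filename="<source>"):
    """Return sorted (line, kind, detail) findings without executing the code."""
    try:
        tree = ast.parse(source, filename)
    except (SyntaxError, ValueError) as exc:  # report files that will not parse
        return [(getattr(exc, "lineno", 0) or 0, "unparseable", str(exc))]
    aliases, findings = {}, []
    for node in ast.walk(tree):  # first pass: collect import aliases
        if isinstance(node, ast.Import):
            aliases.update({a.asname: a.name for a in node.names if a.asname})
        elif isinstance(node, ast.ImportFrom) and node.module:
            aliases.update({a.asname or a.name: f"{node.module}.{a.name}" for a in node.names})
    for node in ast.walk(tree):  # second pass: calls and string literals
        if isinstance(node, ast.Call):
            name = dotted(node.func, aliases)
            kind = "process-exec" if name in EXEC else "network-fetch" if name in FETCH else None
            if kind:
                findings.append((node.lineno, kind, name))
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            findings += [(node.lineno, "marker", m) for m in MARKERS if m in node.value.lower()]
    return sorted(findings)

def scan_repo(root):  # every .py file under a downloaded repo directory
    scans = {str(p): scan_source(p.read_text(errors="replace"), str(p))
             for p in Path(root).rglob("*.py")}
    return {path: found for path, found in scans.items() if found}

# Constructed sample, not the real loader.py; URL and command are placeholders.
SAMPLE = '''import subprocess as sp
from urllib import request
request.urlopen("https://example.invalid/placeholder")
sp.Popen(["powershell", "-NoProfile", "-Command", "PLACEHOLDER"])'''
```

Run `scan_repo()` on the local snapshot directory before importing anything from it; a file that both fetches from the network and launches a process deserves a manual read.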

Similar Articles

Fake OpenAI Privacy Filter on Hugging Face Dropped a Rust Infostealer

Reddit r/ArtificialInteligence

A fake repository impersonating OpenAI's Privacy Filter reached #1 on Hugging Face and was downloaded over 240,000 times before being removed. The malicious package distributed a Rust-based infostealer that targeted developer credentials, crypto wallets, and browser data.

OpenAI Privacy Filter Model

Reddit r/LocalLLaMA

OpenAI quietly released an Apache-2.0-licensed privacy-filter model on Hugging Face with open weights, aiming to help users run local privacy-preserving filters while retaining big-lab quality.