HiddenLayer disclosed on May 12, 2026 that a malicious Hugging Face repository named Open-OSS/privacy-filter typosquatted OpenAI's legitimate Privacy Filter release, copying its model card nearly verbatim and accumulating over 244,000 downloads and 667 likes in under 18 hours, with figures likely artificially inflated. Users who cloned the repository and ran start.bat or python loader.py were served a base64-encoded Python loader that dropped a Rust-based infostealer. The malware employed API hiding, debugger and sandbox detection, virtual machine checks, and attempts to disable AMSI and ETW to evade detection, and it targeted browser passwords, session cookies, Discord tokens, crypto wallets, and Telegram sessions. HiddenLayer advised affected users to treat infected hosts as fully compromised, rotate all stored credentials, invalidate sessions, and move cryptocurrency funds to wallets generated on clean devices. The campaign abuses OpenAI's brand to lure developers but does not indicate a compromise of OpenAI's own infrastructure.
// Alert
Openai threat report
// OpenaiMEDIUM
// Get alerts for Openai