Fake OpenAI repository on Hugging Face pushes infostealer malware
Summary
A fake OpenAI repository on Hugging Face (a platform where developers share AI models and code) disguised itself as a legitimate project and tricked users into downloading a malicious loader script that steals sensitive data like passwords, cryptocurrency wallets, and browser cookies. The fake repository reached the top of Hugging Face's trending list with 244,000 downloads before the platform removed it after researchers reported the threat.
Solution / Mitigation
Users who downloaded files from the malicious repository are advised to reimage the machine (completely reinstall the operating system), rotate all stored credentials, replace cryptocurrency wallets and seed phrases, and invalidate browser sessions and tokens.
Classification
Affected Vendors
Related Issues
Original source: https://www.bleepingcomputer.com/news/security/fake-openai-repository-on-hugging-face-pushes-infostealer-malware/
First tracked: May 9, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%