Hugging Face’s Open-Source Technology Hijacked for Malware Spread
Ambushed Trust: Threat Actors Exploit Popular AI Distribution Platforms
Recent research by Acronis reveals a concerning trend where threat actors exploit trust in prominent AI distribution platforms, such as Hugging Face and ClawHub, to spread malware.
Trojanization Technique Used by Attackers
The technique employed by attackers, called trojanization, involves hiding malicious commands within shared files or code that are executed by AI systems without the user’s knowledge.
Malicious Skills Discovered on ClawHub
- Nearly 600 malicious skills were found across 13 developer accounts.
- The majority of these skills were located on two accounts: hightower6eu (334 skills) and sakaen736jih (199 skills).
- These malicious skills targeted Windows and macOS systems, distributing trojans, cryptominers, and information stealers.
OpenClaw Ecosystem Vulnerabilities
Hugging Face Distribution Campaigns
Across two distribution campaigns abusing Hugging Face, attackers created repositories hosting malicious files designed to stage multi-step infection chains leading to infostealers, trojans, malware loaders, and other types of malware targeting Windows, Linux, and Android.
Rising Concerns
As Hugging Face’s popularity grows, the risk of similar attacks increases. Accronis highlights the difficulty in accurately measuring the full extent of this activity due to the platform’s scale and dynamic nature of hosted content.
Shift Towards Poisoning Trusted Channels
This trend indicates a shift towards poisoning trusted distribution channels, such as AI-related platform ecosystems, to deliver payloads while leveraging user trust in legitimate-looking AI tooling.
About Author
English