A fake OpenAI Privacy Filter repository on Hugging Face reached #1 trending, tricking users into downloading a Rust-based info stealer. The scam racked up 244,000 downloads before being taken down. Learn how to protect yourself from such attacks.
Imagine downloading what you think is a helpful tool from OpenAI, only to have your personal information stolen. That's exactly what happened to thousands of Windows users recently. A malicious repository on Hugging Face, a popular platform for sharing AI models, managed to climb to the number one spot on the trending list by pretending to be OpenAI's legitimate Privacy Filter.
The fake project, named Open-OSS/privacy-filter, copied the entire description and setup of the real OpenAI release (openai/privacy-filter) to trick users. Instead of providing a privacy filter, it delivered a Rust-based information stealer that targets Windows systems. The scam was so convincing that it racked up over 244,000 downloads before being discovered.
### How the Scam Worked
The attackers didn't just slap together a fake page. They meticulously cloned the real OpenAI repository, including all the documentation and code structure. This made it nearly impossible for casual users to spot the difference. The malicious payload was hidden in the installation script, which downloaded and executed the Rust-based stealer on Windows machines.
- **Impersonation**: The repository name (privacy-filter) and description matched the real one; only the owning namespace differed (Open-OSS instead of openai).
- **High visibility**: It reached the top of Hugging Face's trending list, giving it massive exposure.
- **Targeted platform**: Windows users were specifically targeted because of the operating system's widespread use in professional environments.
> "The level of sophistication here is alarming. They didn't just create a fake; they built a perfect replica to exploit trust in a well-known brand." - Emily Davis, Head of Digital Privacy at Antidetectbrowsershub
### What the Malware Does
Once installed, the Rust-based stealer quietly collects sensitive data from the infected system. This includes login credentials, browser cookies, cryptocurrency wallet information, and other personal files. The malware then sends this data to a remote server controlled by the attackers.
Rust was chosen for its speed and low-level system access, making the stealer both efficient and hard to detect. The malware runs silently in the background, often without triggering antivirus software. Users may not realize their data has been compromised for days or even weeks.
### How to Protect Yourself
This incident highlights the growing need for caution when downloading open-source projects. Here are some practical steps you can take to stay safe:
- **Verify the source**: Always check the official website or repository of a trusted company before downloading. Look for verified badges or official accounts.
- **Check download counts and reviews**: If a repository has an unusually high number of downloads but few genuine reviews, it could be a red flag.
- **Use a sandbox**: Test new software in a virtual machine or isolated environment before running it on your main system.
- **Keep security tools updated**: Ensure your antivirus and anti-malware software are current, though be aware that even the best tools can miss novel threats.
- **Monitor your accounts**: After any potential exposure, check your login credentials and enable two-factor authentication wherever possible.
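The "verify the source" step can be automated before anything is downloaded. The following is an added example, not code from the original article, OpenAI or Hugging Face: it checks repository ids against an allowlist and flags ids that reuse a trusted repository's name under a different owner, which is the pattern this incident used. The allowlist contents, the similarity threshold and the function names are assumptions.

```python
from difflib import SequenceMatcher

# Assumption: an allowlist of vetted "owner/name" ids maintained by your team.
TRUSTED_REPOS = frozenset({"openai/privacy-filter"})
NAME_SIMILARITY = 0.85  # assumed cut-off for "looks like a trusted name"


def split_repo_id(repo_id):
    """Split 'owner/name'; reject anything that is not exactly two parts."""
    parts = repo_id.strip().split("/")
    if len(parts) != 2 or not all(parts):
        raise ValueError(f"expected 'owner/name', got {repo_id!r}")
    return parts[0], parts[1]


def classify(repo_id, trusted=TRUSTED_REPOS):
    """Return 'trusted', 'impersonation-suspect' or 'unknown' for a repo id."""
    owner, name = split_repo_id(repo_id)
    if f"{owner}/{name}" in trusted:  # trust needs an exact, case-sensitive match
        return "trusted"
    for entry in trusted:
        t_owner, t_name = split_repo_id(entry)
        # Names are compared case-insensitively so "Privacy-Filter" still matches.
        ratio = SequenceMatcher(None, name.lower(), t_name.lower()).ratio()
        if ratio >= NAME_SIMILARITY and owner != t_owner:
            return "impersonation-suspect"
    return "unknown"


def audit(repo_ids, trusted=TRUSTED_REPOS):
    """Map every repo id that is not on the allowlist to its classification."""
    verdicts = {rid: classify(rid, trusted) for rid in repo_ids}
    return {rid: v for rid, v in verdicts.items() if v != "trusted"}


if __name__ == "__main__":
    # Constructed sample: ids a project might be about to download.
    wanted = ["openai/privacy-filter", "Open-OSS/privacy-filter",
              "example-org/sentiment-model"]
    for rid, verdict in audit(wanted).items():
        print(f"{verdict:22} {rid}")
```

An "unknown" verdict only means the id is not on the allowlist and does not resemble an entry; it still needs the manual checks in the list above.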
### The Bigger Picture
This attack is part of a larger trend where cybercriminals exploit the trust that developers and tech professionals place in open-source platforms. Hugging Face has since removed the malicious repository, but the damage is already done for those who downloaded it.
The incident also underscores the importance of using antidetect browsers and other privacy tools to protect your digital footprint. By masking your browser fingerprint and isolating your online activities, you can reduce the risk of being targeted by such scams.
For professionals working in sensitive fields, the lesson is clear: trust but verify. Even the most reputable platforms can be compromised, and a moment of haste can lead to significant data loss. Stay vigilant, and always double-check before you click that download button.