
Bitdefender researchers have discovered an Android RAT (remote access trojan) campaign that combines social engineering, the Hugging Face online platform as a staging and hosting resource, and extensive use of Accessibility Services to compromise devices.

What makes this campaign particularly interesting is the attackers’ use of Hugging Face to host malicious payloads, and the scale at which new samples are deployed.

Hugging Face is a widely used online hosting service that provides a home to machine learning models and gives users a place to host their open-source models, datasets, and other development tools that researchers and developers usually need.

Unfortunately, the space Hugging Face offers can also be used by cybercriminals for malicious purposes, as the platform doesn’t seem to have meaningful filters that govern what people can upload. Hugging Face states that all uploads are scanned with ClamAV, an open-source antivirus engine.

Key Findings

  • The RAT uses a two-step infection chain that starts with a dropper and is followed by a malicious payload.
  • The Hugging Face online service is abused to host and distribute dangerous APKs.
  • The attackers use server-side polymorphism by producing new payloads roughly every 15 minutes.
  • The Trojan abuses Accessibility Services to obtain persistent visibility and control.
  • Attackers use fake system and financial interfaces to steal credentials and lock screen information.
  • A centralized command-and-control server (C2) coordinates payload delivery and data exfiltration.
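
The findings above describe a dropper that installs a second stage, a service that binds as an AccessibilityService, and fake system/financial screens. As an added example (not Bitdefender's code, and not tied to any real sample), the following triage script parses an APK's decoded AndroidManifest.xml and lists which of those traits it declares; the permission names are real Android permissions, and treating SYSTEM_ALERT_WINDOW as the overlay indicator for fake screens is an assumption, since the report does not say how the interfaces are drawn.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = f"{{{ANDROID_NS}}}name"
PERMISSION_ATTR = f"{{{ANDROID_NS}}}permission"

# Indicators drawn from the key findings: a dropper that installs a second-stage
# APK, and (assumption) the overlay permission commonly needed to draw fake
# system or banking screens on top of other apps.
INDICATORS = {
    "android.permission.REQUEST_INSTALL_PACKAGES": "dropper: can install a second-stage APK",
    "android.permission.SYSTEM_ALERT_WINDOW": "overlay: can draw fake system/financial screens",
}
ACCESSIBILITY_PERMISSION = "android.permission.BIND_ACCESSIBILITY_SERVICE"


def triage_manifest(manifest_xml: str) -> list[str]:
    """Return human-readable reasons a decoded manifest matches the RAT pattern."""
    root = ET.fromstring(manifest_xml)
    reasons = []
    for perm in root.iter("uses-permission"):
        name = perm.get(NAME_ATTR, "")
        if name in INDICATORS:
            reasons.append(f"{INDICATORS[name]} ({name})")
    for svc in root.iter("service"):
        # A service protected by BIND_ACCESSIBILITY_SERVICE is what the system
        # binds when the user enables the app under Accessibility settings.
        if svc.get(PERMISSION_ATTR) == ACCESSIBILITY_PERMISSION:
            reasons.append(f"accessibility: service {svc.get(NAME_ATTR)} binds as an AccessibilityService")
    return reasons


# Constructed sample manifest for demonstration, not from a real sample.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.constructed">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <application>
    <service android:name=".HelperService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

if __name__ == "__main__":
    for reason in triage_manifest(SAMPLE_MANIFEST):
        print("-", reason)
```

Run it against a manifest decoded with apktool or aapt; any hit on all three traits in one app is worth a closer look, since legitimate apps rarely need every one of them.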


...read more at bitdefender.com