Researchers at Bitdefender uncovered an Android campaign that uses Hugging Face repositories and CDN links to host and deliver thousands of polymorphic APK payloads through a dropper called TrustBastion. The remote-access payload abuses Android Accessibility Services to present fake Alipay and WeChat login overlays, capture screenshots, steal credentials and exfiltrate data to a persistent C2.
Key points
- Attackers used Hugging Face as a trusted repository to host and distribute malicious APK payloads.
- Victims are lured to install a scareware dropper named TrustBastion that mimics Google Play and urges a fake update.
- Server-side polymorphism generates new payload variants every 15 minutes, producing thousands of commits in the repository.
- The main payload exploits Accessibility Services to deploy overlays, capture screens, block uninstall, and steal Alipay/WeChat credentials and lock-screen PINs.
- The malware maintains a constant C2 connection for exfiltration and commands; after researchers reported the repository, Hugging Face removed the datasets, but the campaign resurfaced under a new repository name.
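A defender-side heuristic for the hosting pattern in the key points above (APK artifacts committed on a near-fixed short cadence), written as an added example that is not Bitdefender's or the report's code; the commit records, file names and timestamps are constructed sample data, and the thresholds are assumptions to tune against real repository histories.

```python
"""Flag a repository whose history looks like server-side APK polymorphism:
most commits push an .apk, commits are close together, and the gaps between
them are regular. All data below is constructed, not real repository history."""
from datetime import datetime, timedelta
from statistics import median

# Constructed sample resembling the reported cadence: a new APK every 15 minutes.
SAMPLE_COMMITS = [
    ("2024-05-01T10:00:00", ["update_9f1.apk"]),
    ("2024-05-01T10:15:00", ["update_a22.apk"]),
    ("2024-05-01T10:30:00", ["update_b7c.apk"]),
    ("2024-05-01T10:45:00", ["update_c03.apk"]),
    ("2024-05-01T11:00:00", ["update_d88.apk", "README.md"]),
    ("2024-05-01T11:15:00", ["update_e14.apk"]),
]

# Constructed benign history: a few irregular commits to model/config files.
BENIGN_COMMITS = [
    ("2024-05-01T10:00:00", ["model.safetensors"]),
    ("2024-05-03T14:20:00", ["README.md"]),
    ("2024-05-10T09:05:00", ["config.json"]),
]


def commit_cadence(commits, apk_ratio=0.8, max_gap=timedelta(minutes=30), jitter=0.25):
    """Return a verdict dict. `commits` is a list of (ISO timestamp, files touched),
    oldest first. Thresholds (assumed defaults): at least `apk_ratio` of commits
    touch an .apk, the median inter-commit gap is at most `max_gap`, and every
    gap lies within `jitter` * median of the median (i.e. the cadence is regular)."""
    if len(commits) < 3:
        return {"suspicious": False, "reason": "too few commits"}
    times = [datetime.fromisoformat(ts) for ts, _ in commits]
    gaps = [later - earlier for earlier, later in zip(times, times[1:])]
    med = median(gaps)
    regular = all(
        abs((g - med).total_seconds()) <= jitter * med.total_seconds() for g in gaps
    )
    apk_commits = sum(
        1 for _, files in commits if any(f.lower().endswith(".apk") for f in files)
    )
    ratio = apk_commits / len(commits)
    return {
        "suspicious": ratio >= apk_ratio and med <= max_gap and regular,
        "median_gap_minutes": med.total_seconds() / 60,
        "apk_ratio": ratio,
        "regular": regular,
    }
```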