Also, SmarterMail Flaw, Nike Breach Probe, Empire Market Co-Creator Pleads Guilty

Every week, ISMG rounds up cybersecurity incidents and breaches around the world. This week, researchers exposed an Android RAT abusing Hugging Face infrastructure. Attackers exploited a critical SmarterMail authentication bypass after reverse-engineering a patch. Automakers boosted cyber spending as supply chain risks linger. The U.S. Cybersecurity and Infrastructure Security Agency warned of active exploitation of a VMware vCenter flaw. Microsoft patched an Office security bypass under attack. An Empire Market co-creator pleaded guilty to U.S. federal drug charges. Nike probed a breach tied to a 1.4 terabyte data theft.
Android RAT Abuses Hugging Face to Evade Detection
Cybercriminals are abusing Hugging Face’s machine learning hosting infrastructure to deliver Android remote access Trojans, using trusted cloud services and aggressive polymorphism to sidestep mobile security controls, new research from Bitdefender found.
Researchers at Bitdefender said Thursday the campaign centers on a two-stage infection chain that begins with a malicious dropper app masquerading as a mobile security tool called TrustBastion, likely downloaded after ads telling victims that their devices had been compromised.
TrustBastion is actually a dropper. Once installed, it displays a fake system update alert styled to resemble legitimate Android and Google Play dialogs. Accepting the update triggers the second-stage payload delivery – not from an obviously malicious domain, but from Hugging Face-hosted repositories.
The attackers use an encrypted endpoint tied to trustbastion.com to redirect victims to Hugging Face datasets hosting the final file. Bitdefender said the approach allows attackers to blend malicious traffic into legitimate cloud activity, reducing the likelihood of detection or blocking.
Researchers observed a high volume of commits over a short period of time on the malicious Hugging Face repository. Hackers generated new payloads roughly every 15 minutes, uploading more than 6,000 unique Android files in less than a month. Each variant introduced minor changes to evade hash-based detection while preserving identical malicious behavior.
Once installed, the RAT abuses Android’s accessibility service – just about every Android Trojan seems to do so – to gain persistent control and full visibility over device activity. It requests screen capture, overlay and recording permissions, enabling real-time surveillance and credential theft.
The malware displays fake login interfaces impersonating financial services such as Alipay and WeChat, harvesting credentials and lock screen information. Stolen data is exfiltrated to a centralized command-and-control server, which also handles payload rotation and configuration updates.
Patch-Gapped SmarterMail Flaw Exploited After Attackers Reverse-Engineer Fix
Attackers are actively exploiting a critical authentication bypass vulnerability in SmarterTools’ SmarterMail, using reverse-engineered patches to compromise exposed email servers shortly after a fix was released.
The flaw, numbered WT-2026-0001 by WatchTowr Labs and tracked as CVE-2026-23760, allows an unauthenticated attacker to reset the system administrator password without providing valid credentials. Successful exploitation gives full administrative access to the mail server.
WatchTowr researchers said the issue stems from a logic flaw in SmarterMail’s ForceResetPassword API endpoint. By submitting a crafted request and setting an IsSysAdmin parameter, an attacker can overwrite the administrator password without authentication checks being enforced.
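The logic flaw described above, modeled as an added illustration rather than SmarterMail’s actual code: a password-reset handler that lets a client-supplied IsSysAdmin flag decide privilege, beside a hardened handler that derives privilege only from server-side session state. The handler names, the session dictionary and the username/new_password request fields are assumptions; only the endpoint name and the IsSysAdmin parameter come from the report.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed in-memory credential store: username -> (salt, PBKDF2 digest).
# Stands in for the mail server's user database; not SmarterMail's storage.
USERS: dict = {}


def _digest(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def set_password(username: str, password: str) -> None:
    salt = secrets.token_bytes(16)
    USERS[username] = (salt, _digest(password, salt))


def check_password(username: str, password: str) -> bool:
    entry = USERS.get(username)
    if entry is None:
        return False
    salt, stored = entry
    return hmac.compare_digest(stored, _digest(password, salt))


def vulnerable_force_reset(request: dict) -> bool:
    """Anti-pattern modeled on the reported flaw: the request body's own
    IsSysAdmin flag gates the reset and no session is ever consulted, so an
    unauthenticated caller who sets the flag can overwrite any password."""
    if not request.get("IsSysAdmin"):
        return False
    set_password(request["username"], request["new_password"])
    return True


def hardened_force_reset(request: dict, session: Optional[dict]) -> bool:
    """Privilege is derived only from server-side session state created at
    login; nothing in the request body can elevate the caller, and any
    IsSysAdmin field the client sends is ignored."""
    if session is None or not session.get("authenticated"):
        return False  # no authenticated session: reject
    if not session.get("is_sysadmin"):
        return False  # authenticated but not an administrator: reject
    set_password(request["username"], request["new_password"])
    return True
```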
SmarterTools disclosed the vulnerability on Jan. 8 and released a patched version on Jan. 15. WatchTowr said it observed exploitation attempts within days of the patch release. In at least one confirmed case, attackers reset an administrator password shortly after the update became publicly available, suggesting they reverse-engineered the patch to identify the underlying flaw.
Once attackers gain administrative access, they can abuse legitimate SmarterMail features to execute operating system commands with system-level privileges, resulting in full server compromise.
SmarterMail is commonly used by managed service providers and small to midsized organizations as an on-premises mail server, making exposed instances attractive targets.
Automakers Increase Cyber Spending, But Supply Chain Gaps Persist
The automotive industry faces escalating cyberthreats as connected vehicles and artificial intelligence-driven systems create new vulnerabilities, according to a proprietary assessment by debt rating agency Moody’s.
Automakers are increasing cybersecurity investment and elevating security leadership. More than one-third spent over 10% of their technology budgets on cybersecurity, up from previous years. Nearly 80% have appointed CISO roles, with most reporting directly to senior management rather than through IT channels, Moody’s research found. The firm received nearly 2,000 responses from global automotive sector executives, roughly 80% of whom were CISOs.
Recent incidents highlight the urgency. A June 2024 ransomware attack on CDK Global disrupted dealership operations across the United States. Jaguar Land Rover underwent a full systems shutdown in fall 2025 following a ransomware attack. Customer data breaches at Stellantis and Renault UK exposed weaknesses across automotive supply chains.
The survey found defensive maturity is uneven. While 92% of respondents said they carry standalone cyber insurance and conduct quarterly incident response testing, critical gaps persist. Only 64% use identity management service providers, compared with a global 80% average. Automotive suppliers lag behind manufacturers in reviewing vendor cybersecurity practices.
Supply chain exposure is the sector’s primary concern. Attackers increasingly bypass stronger corporate defenses by targeting smaller vendors with weaker controls.
New regulations are adding pressure. The EU’s Cyber Resilience Act, whose main mandates take effect in 2027, requires rigorous security for connected vehicle components, with fines up to 15 million euros or 2.5% of global turnover for non-compliance.
Ransomware groups are increasingly eyeing software-defined vehicles for extortion, exploiting complex supply chains with multiple entry points like web apps, mobile integrations and constant cloud connectivity (see: Your New Car Could Be the Next Ransomware Target).
Unauthenticated VMware vCenter Flaw Under Active Exploitation
A critical VMware vCenter flaw now under active exploitation allows remote attackers to take control of virtualized infrastructure without authentication, the U.S. Cybersecurity and Infrastructure Security Agency said Friday.
The vulnerability, tracked as CVE-2024-37079, is a heap-overflow flaw in the DCE/RPC (Distributed Computing Environment/Remote Procedure Call) implementation of VMware vCenter Server. An attacker with network access can send a specially crafted request to trigger unauthenticated remote code execution, potentially leading to full system compromise.
Broadcom disclosed and patched the vulnerability in June 2024 as part of a security advisory that addressed multiple flaws in vCenter.
CISA added the bug to its Known Exploited Vulnerabilities Catalog.
Microsoft Issues Patch Advisory for Actively Exploited Office Security Bypass
Microsoft released Monday an emergency security patch to address a high-severity security feature bypass vulnerability affecting Microsoft Office and Microsoft 365 that is being exploited in the wild.
The flaw, tracked as CVE-2026-21509 with a CVSS score of 7.8, stems from Office’s reliance on untrusted inputs in a security decision, allowing an unauthenticated attacker to bypass key protections designed to block unsafe Component Object Model and Object Linking and Embedding controls.
Exploitation requires only social engineering. An attacker can trick a user into opening a crafted Office document, making everyday channels like phishing a likely delivery vector.
Empire Market Co-Creator Pleads Guilty to Federal Drug Charges
A co-creator of the now-defunct darkweb marketplace Empire Market pleaded guilty to federal drug conspiracy charges in Chicago, the U.S. Department of Justice announced Tuesday.
Raheim Hamilton, also known online as “Sydney” and “ZeroAngel,” admitted he co-founded and co-administered Empire Market, a darkweb marketplace that enabled the sale of drugs, stolen data, counterfeit currency and hacking tools, according to his plea agreement. Under the deal, he must forfeit 1,230 bitcoin, worth about $103 million, and 24.4 ether, worth about $68,000, as well as three residential properties in Virginia.
Prosecutors said Empire Market operated from February 2018 through August 2020, during which it processed more than 4 million transactions with total sales exceeding $432 million. Drug sales accounted for the majority of activity, generating approximately $374 million.
Hamilton ran the marketplace alongside Thomas Pavey, known online as “Dopenugget.” Pavey pleaded guilty last year to related federal charges and is still awaiting sentencing.
The two jointly designed, owned and operated Empire Market, overseeing site development, vendor onboarding, dispute resolution and moderation. The pair modeled the platform on the earlier darkweb marketplace AlphaBay, which Pavey and Hamilton used as a blueprint for Empire Market’s structure and features.
Hamilton pleaded guilty to conspiring to distribute large quantities of heroin, cocaine and methamphetamine, including shipments sent into the United States from overseas vendors. The platform hosted more than 166,000 drug listings and facilitated nearly 2.8 million drug transactions, investigators said.
Authorities traced cryptocurrency flows linked to the marketplace, identifying wallets tied to marketplace administrators and vendors that facilitated laundering of proceeds through mixers and tumblers.
Nike Discloses Breach Probe as Threat Actors Claim 1.4TB Data Theft
Sportswear brand Nike is investigating its network after threat actors claimed to have exfiltrated 1.4 terabytes of internal data – about 190,000 unique files.
WorldLeaks, likely a rebrand of the Hunters International ransomware operation, said it stole 188,347 files from Nike’s systems, publishing design and manufacturing workflows on its darkweb leak site.
According to Nike, sample data also included garment measurements for products, details on materials, item retail prices, product lifecycles, clothing testing reports, factory audits, corporate slides and other materials.
“We always take consumer privacy and data security very seriously. We are investigating a potential cybersecurity incident and are actively assessing the situation,” Nike said.
Nike has not said whether WorldLeaks posed a ransom demand.
With reporting from Information Security Media Group’s Gregory Sirico in New Jersey.
