CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership May 29, 2026

MicrosoftSystem64 Malware Uses HuggingFace Datasets for Stealthy Data Exfiltration

Cybersecurity News Archived May 29, 2026 ✓ Full text saved

A newly discovered malware called MicrosoftSystem64 has been quietly stealing data from infected computers by routing stolen files through HuggingFace, the popular AI platform used by researchers and developers worldwide. The malware disguises itself as a legitimate Microsoft process, making it significantly harder for security tools to flag it as a threat. Its ability to […] The post MicrosoftSystem64 Malware Uses HuggingFace Datasets for Stealthy Data Exfiltration appeared first on Cyber Secur

Full text archived locally
✦ AI Summary · Claude Sonnet


    HomeCyber Security News MicrosoftSystem64 Malware Uses HuggingFace Datasets for Stealthy Data Exfiltration By Tushar Subhra Dutta May 29, 2026 A newly discovered malware called MicrosoftSystem64 has been quietly stealing data from infected computers by routing stolen files through HuggingFace, the popular AI platform used by researchers and developers worldwide. The malware disguises itself as a legitimate Microsoft process, making it significantly harder for security tools to flag it as a threat. Its ability to abuse trusted, widely used infrastructure marks a serious shift in how attackers move stolen data without being caught. The attack starts with a poisoned npm package called js-logger-pack, which went through 29 versions between early April 2026, growing from a basic probe into a full malware dropper. Once a developer installs the package, it silently downloads and executes MicrosoftSystem64, an 81 MB binary that runs on Windows, Linux, and macOS without needing any separate software pre-installed. From that point, the malware connects to a remote server, begins harvesting data, and locks itself into the system to survive restarts. Researchers from SafeDep said in a report shared with Cyber Security News (CSN) that their April 15 analysis first identified the second-stage payload and documented how it abuses HuggingFace as both a binary hosting service and a data exfiltration channel. JFrog Research independently confirmed the same campaign a week later. Despite both disclosures, the threat remained fully active as of May 28, 2026, with victims being monitored in real time and the attacker’s infrastructure still operating without interruption. The malware is a remote access trojan with sweeping capabilities. It targets credentials from 15 browser families, lifts data from over 80 cryptocurrency wallet extensions, hijacks Telegram Desktop sessions, copies SSH keys, runs a continuous keylogger, and takes screenshots every 60 seconds. All of this is uploaded to private datasets on HuggingFace under the attacker’s account. With 24 supported remote commands, the operators have near complete control over any infected system. Attribution links the campaign to a North Korea-connected threat group tracked as Contagious Interview, known for targeting developers through fake job interviews and compromised open-source packages. Multiple npm publisher accounts were used across the campaign, including js-logger-pack, terminal-logger-utils, ts-logger-pack, pretty-logger-utils, and pinno-loggers. Any developer who installed packages from the jpeek or toskypi cluster should treat the machine as compromised and rotate all credentials immediately. MicrosoftSystem64 Malware Uses HuggingFace Datasets What sets this malware apart is how it moves stolen data. Instead of sending files back to a private server, MicrosoftSystem64 uploads them to private HuggingFace datasets using the platform’s own API. This means all outbound traffic looks like normal, authenticated HTTPS requests to a well-known AI platform, the type of traffic most network monitoring tools would not flag as suspicious. Each victim gets a separate set of private datasets on the attacker’s HuggingFace account, organized by machine identity and data category covering screenshots, credentials, and SSH keys. The malware also pulls updates from HuggingFace every 24 hours, replacing its own binary when a newer version is available. SafeDep’s live probe on May 28 confirmed the attacker’s token was still active and recovered over 400 screenshots from two real victims who were being watched in near real time. Supply Chain Entry and Cross-Platform Persistence The infection path runs through the open-source supply chain, using npm packages crafted to look like routine developer utilities. Once installed, the malware digs in using the native persistence tools of each platform: scheduled tasks and registry keys on Windows, LaunchAgents on macOS, and systemd services with autostart entries on Linux. It labels its own process as MicrosoftSystem64 in system listings, closely mimicking the appearance of a genuine Microsoft background service. The malware reconnects to its command server over WebSocket after any interruption and retries failed uploads automatically, so a temporary outage does not cost the attacker any stolen data. Security teams and developers are strongly advised to scan all project dependencies for packages linked to the jpeek or toskypi cluster, isolate any affected machines, and immediately rotate all credentials, API tokens, SSH keys, and cryptocurrency wallet seed phrases without delay. Indicators of Compromise (IoCs) Type Indicator Description Type Indicator Description IP Address 195[.]201[.]194[.]107:8010 C2 server (WebSocket + HTTP), hosted on Hetzner Online GmbH, DE, AS24940 File Hash (SHA-256) b2954c945b51dbd6fa88ac72338b7fbf76dec7d9909ceada9d36b21330842c97 MicrosoftSystem64 Linux ELF binary (v1.0.8) File Name MicrosoftSystem64 Malicious binary — Linux variant File Name MicrosoftSystem64.exe Malicious binary — Windows variant File Name MicrosoftSystem64-darwin-x64 Malicious binary — macOS (Intel) variant File Name MicrosoftSystem64-darwin-arm64 Malicious binary — macOS (Apple Silicon) variant URL hxxps://huggingface[.]co/jpeek998/system-releases/resolve/main HuggingFace binary hosting and self-update endpoint HuggingFace Account jpeek998 Active exfiltration account (display name “Jlob”), created 2026-05-15 HuggingFace Account Lordplay Earlier binary staging account (system-releases repo), file access disabled by HuggingFace npm Package js-logger-pack Primary dropper package (v1.1.22+ acts as MicrosoftSystem64 dropper) npm Package terminal-logger-utils May 2026 dropper, RC4/XOR obfuscated npm Package ts-logger-pack Dependency proxy to terminal-logger-utils npm Package pretty-logger-utils May 2026 dropper under jpeek895 cluster npm Package pinno-loggers May 2026 dropper under jpeek895 cluster npm Account jpeek868 / jpeek886 / jpeek895 Rotated npm publisher accounts sharing Lordplay HuggingFace infrastructure npm Account toskypi Persistent author identity across campaigns (email: tosky.pi1016@gmail.com) HuggingFace Token (encrypted) MlohU84sIc82dTpY/CgE3jdOOWD1OwnyDXYRds4bG+cUeBRH7w== Encrypted HuggingFace API token embedded in binary config (reported for revocation) XOR Encryption Key XOR key used to decrypt hardcoded binary configuration values Hostname copilot-ai.whisdev[.]org Secondary C2 hostname on same IP (195[.]201[.]194[.]107), linked to whisdev/ptcbink persona SSH Key Comment bink@DESKTOP-N8JGD6T Leaked SSH key comment from js-logger-pack v1.1.5, attacker’s development machine URL hxxp://195[.]201[.]194[.]107:8010/api/validate/hf-upload-complete C2 endpoint that receives HuggingFace upload completion notifications Persistence — Windows \MicrosoftSystem64 (scheduled task); HKCU\Software\Microsoft\Windows\CurrentVersion\Run Windows persistence mechanisms used by the malware Persistence — macOS ~/Library/LaunchAgents/com.launchkeeper.MicrosoftSystem64.plist macOS LaunchAgent persistence path Persistence — Linux ~/.config/systemd/user/MicrosoftSystem64.service; ~/.config/autostart/MicrosoftSystem64.desktop Linux systemd and XDG autostart persistence paths Install Directory ~/.local/share/MicrosoftSystem64 (Linux); ~/Library/Application Support/MicrosoftSystem64 (macOS); %LOCALAPPDATA%\MicrosoftSystem64 (Windows) Per-platform install directories Registration Marker .registered (ISO timestamp file in install directory) First-execution marker written by malware to track installation Note: IP addresses and domains are intentionally defanged (e.g., [.]) to prevent accidental resolution or hyperlinking. Re-fang only within controlled threat intelligence platforms such as MISP, VirusTotal, or your SIEM. Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Tushar Subhra Dutta Tushar is a senior cybersecurity and breach reporter. He specializes in covering cybersecurity news, trends, and emerging threats, data breaches, and malware attacks. With years of experience, he brings clarity and depth to complex security topics. Trending News Italian Authorities Dismantled CINEMAGOAL App that Enables Access to Various Streaming Platforms Hackers Actives Scanning SonicWall Firewall Interfaces – 597,000 Sessions Observed Top 10 Best Mobile Application Security Testing (MAST) Tools in 2026 Hackers Hide Linux Payload Under SSH-Like Filename During Package Installation Anthropic Updates Claude Code With Security Plugin and Faster Performance Latest News Cyber Security News Critical Samba Vulnerability Enables Remote Code Execution Attacks Chrome Google Patches 151 Vulnerabilities in Chrome, Including 22 Critical Ones Cyber Security News Google Employee Charged for Making $1.2 Million With Confidential Information Cyber Security News VS Code Remote-SSH RCE Lets Attackers Pivot From Developer Machines to Cloud Servers Cyber Security Hackers Exploit Microsoft Teams’ Collaboration Features to Impersonate IT Helpdesk Staff
    💬 Team Notes
    Article Info
    Source
    Cybersecurity News
    Category
    ◇ Industry News & Leadership
    Published
    May 29, 2026
    Archived
    May 29, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗