EXECUTIVE SUMMARY
The infection begins when a developer installs a malicious npm package that silently drops an 80‐megabyte binary onto the host. It runs on Windows, macOS, and Linux, creating scheduled tasks, LaunchAgents, or systemd services to survive reboots. Once active, it opens a persistent WebSocket channel to a command server, harvests credentials, captures screenshots, and records keystrokes.
Collected data is compressed and uploaded to private datasets on a popular AI platform using the platform's own API, making the exfiltration appear as ordinary cloud traffic. The trojan also checks the platform daily for updated binaries, replacing itself without user interaction. The campaign matters because it bypasses traditional network defenses by blending malicious traffic with legitimate AI‐platform requests, leaving most monitoring tools blind to the theft.
Persistence mechanisms across all major operating systems make removal time‐consuming, and the breadth of harvested assets—browser passwords, crypto wallets, and SSH keys—poses immediate financial and reputational risk. Organisations should enforce strict supply‐chain validation for third‐party libraries, isolate development environments, and rotate all secrets as soon as a compromise is suspected. Continuous endpoint detection, hardened patch cycles, and immutable backup strategies complete a layered response that limits both exposure and recovery time.
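One way to start the supply-chain validation recommended above is to audit an installed dependency tree for packages that run code at install time or ship unusually large files, such as the 80-megabyte binary described here. The script below is an added example, not taken from the report or from any vendor tool. It assumes install-time lifecycle scripts are a relevant signal (the report does not say how the binary is dropped), uses an arbitrary 50 MB default size threshold, and builds its sample tree from constructed, hypothetical package names.

```python
import json
import tempfile
from pathlib import Path

# Lifecycle scripts that npm executes automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall")


def audit_node_modules(project_dir, max_file_bytes=50 * 1024 * 1024):
    """Return (kind, relative_path, detail) findings for node_modules, in path order."""
    findings = []
    modules = Path(project_dir) / "node_modules"
    for path in sorted(modules.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue
        rel = path.relative_to(modules).as_posix()
        if path.name == "package.json":
            try:
                meta = json.loads(path.read_text(encoding="utf-8"))
            except (OSError, ValueError):
                findings.append(("unparseable-manifest", rel, ""))
                continue
            scripts = meta.get("scripts") if isinstance(meta, dict) else None
            for hook in INSTALL_HOOKS:
                if isinstance(scripts, dict) and hook in scripts:
                    findings.append(("install-hook", rel, f"{hook}: {scripts[hook]}"))
        size = path.stat().st_size
        if size > max_file_bytes:
            findings.append(("large-file", rel, f"{size} bytes"))
    return findings


def make_demo_project():
    """Build a constructed project tree: one plain package, one suspicious one."""
    root = Path(tempfile.mkdtemp(prefix="npm-audit-demo-"))
    plain = root / "node_modules" / "plain-pkg"
    odd = root / "node_modules" / "demo-dropper"  # hypothetical package name
    for d in (plain, odd / "bin"):
        d.mkdir(parents=True)
    (plain / "package.json").write_text(json.dumps({"name": "plain-pkg"}))
    (odd / "package.json").write_text(json.dumps(
        {"name": "demo-dropper", "scripts": {"postinstall": "node setup.js"}}))
    (odd / "bin" / "helper.bin").write_bytes(b"\0" * 4096)  # stand-in payload
    return root


if __name__ == "__main__":
    # Demo threshold is 1 KiB so the 4 KiB stand-in file trips the size check.
    for finding in audit_node_modules(make_demo_project(), max_file_bytes=1024):
        print(finding)
```

Findings are triage leads, not verdicts: many legitimate packages declare install hooks or bundle native binaries, so review flagged packages against an allowlist before acting.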
THREAT PROFILE:
| Tactic | Technique ID | Technique | Sub-technique |
| --- | --- | --- | --- |
| Initial Access | T1195.001 | Supply Chain Compromise | Compromise Software Dependencies and Development Tools |
| Execution | T1059 | Command and Scripting Interpreter | — |
| Persistence | T1053.004 | Scheduled Task/Job | Launchd |
| Persistence | T1543.001 | Create or Modify System Process | Launch Agent |
| Persistence | T1543.003 | Create or Modify System Process | Windows Service |
| Defense Evasion | T1036.003 | Masquerading | Rename System Utilities |
| Credential Access | T1555.003 | Credentials from Password Stores | Credentials from Web Browsers |
| Credential Access | T1552.001 | Unsecured Credentials | Credentials In Files |
| Collection | T1113 | Screen Capture | — |
| Command and Control | T1071.001 | Application Layer Protocol | Web Protocols |
| Exfiltration | T1048.003 | Exfiltration Over Alternative Protocol | Exfiltration Over Unencrypted Non-C2 Protocol |
REFERENCES:
The following reports contain further technical details:
https://cybersecuritynews.com/microsoftsystem64-malware-uses-huggingface-datasets/