NEWNow you can listen to Fox News articles!
If you use an Android phone, this is worth your attention. Currently, cybersecurity researchers are warning that hackers are using Hugging Face, a popular platform for sharing artificial intelligence (AI) tools, to spread dangerous Android malware. At first, the threat seems harmless because it is disguised as a fake antivirus application. Then, once you install it, hackers get direct access to your device. Because of this, the threat seems to be very worrying. It combines two things that people have come to trust: security applications and AI platforms.
Sign up for my FREE CyberGuy report
Get my best tech tips, emergency security alerts, and special deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join CYBERGUY.COM newspaper.
HIJACK GOOGLE CHROME ACCOUNTS ARE AWFUL
Researchers say hackers hid the Android malware inside a fake antivirus app that looked legitimate at first. (Kurt “CyberGuy” Knutsson)
What is Hug Face and why is it important
For anyone unfamiliar, Hugging Face is an open forum where developers share AI, NLP and machine learning models. It is widely used by researchers and startups and has become a central hub for AI testing. That opening is also what attackers exploit. Because Hugging Face allows public caches and supports multiple file types, hackers have been able to host apparently malicious code.
A fake antivirus app after the attack
The malware first appeared in an Android app called TrustBastion. On the surface, it looks like a useful security tool. It promises virus protection, phishing protection and malware prevention. In fact, it does the opposite.
Once installed, TrustBastion immediately says your phone is infected. It then prompts you to install the update. That update delivers malicious code. This trick is known as scareware. It relies on shock and urgency to push users to tap before thinking.
FALSE ERRORS SPREAD MALWARE FAST
The fake TrustBastion app mimics the official Google Play update screen to trick users into installing the malware. (Bitdefender)
How malware spreads and adapts
According to Bitdefender, a global cybersecurity company, the campaign focuses on a fake Android operating system called TrustBastion. Victims may be shown ads or warnings that their device is infected and instructed to install the app manually.
The attackers hosted TrustBastion’s APK files directly on Hugging Face, placing them within public datasets that appeared legitimate at first. Once installed, the app immediately prompted users to install a required “update” that delivered the actual malware.
After researchers reported the malicious cache, it was taken down. However, Bitdefender noted that almost identical repositories quickly reappeared, with minor cosmetic changes but the same malicious behavior. That rapid rebuilding made the campaign difficult to completely shut down.
That’s what this Android malware can do
This Trojan is not trivial or annoying. It attacks. Bitdefender says the malware can:
Take screenshots of your device
Show non-financial services login screens
Capture your screen lock pin
Once collected, that data is sent to a third party server. From there, attackers can quickly move to access accounts or lock you out of your phone.
What Google says about the threat
Google says users who stick to official app stores are protected. A Google spokesperson told CyberGuy, “Based on our current findings, no apps containing this malware are available on Google Play.”
The spokesperson added that “Android users are automatically protected from known versions of this malware by Google Play Protect, which runs automatically on Android devices with Google Play Services.” They also noted that “Google Play Protect can warn users or block apps known to exhibit malicious behavior, even if those apps come from sources outside of Play.”
BROWSER EXTENSION MALWARE INFECTED 8.8M USERS IN DARKSPECTRE ATTACK
Once installed, the malware can capture screenshots, fake login information and your screen lock PIN. (Kurt “CyberGuy” Knutsson)
How to stay safe from Hugging Face Android malware
This threat is a reminder that small choices matter. Here’s what you need to do right now:
1) Stick to trusted app stores
Only download apps from trusted sources like Google Play Store or Samsung Galaxy Store. These fields can be measured and scanned in place.
2) Read reviews before installing
Take a closer look at ratings, download statistics and the latest comments. Fake security apps often have vague updates or sudden rating increases.
3) Use a data removal service
Even careful users can expose personal data. A data removal service helps remove your phone number, email and other information from data broker sites that criminals rely on. That reduces tracking scams, fake security alerts and account takeover attempts.
Although no service can guarantee the complete removal of your data from the Internet, a data removal service is definitely a smart choice. They don’t come cheap, and neither does your privacy. These services do all the work for you by actively monitoring and systematically deleting your personal information from hundreds of websites. That’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of fraudsters transferring data from information breaches they may find on the dark web, making it harder for them to identify you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out there on the web by visiting Cyberguy.com
Get a free scan to find out if your personal information is already out there on the web: Cyberguy.com
4) Run Play Protect and use strong antivirus software
Scan your device regularly with Play Protect and back it up with strong anti-virus software for extra protection. Google Play Protect, the built-in malware protection for Android devices, automatically removes known malware. However, it’s important to note that Google Play Protect may not be enough. Historically, it has not been 100% successful in removing all known malware from Android devices.
The best way to protect yourself from malicious links that install malware and access your private information is to install strong anti-virus software on all your devices. This protection can also help you detect phishing emails and ransomware, keeping your personal information and digital assets safe.
Find my picks for the best antivirus 2026 winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
5) Avoid sideloading APK files
Avoid installing apps from websites outside of the app store. These apps pass security checks, so always verify the publisher name and URL.
6) Close your Google account
Your phone’s security depends on it. Enable two-step authentication (2FA) first, then use a strong, unique password stored in a password manager to prevent account takeover.
Next, see if your email has been exposed in a previous breach. Our #1 password manager (see Cyberguy.com) option includes a built-in breach scanner that checks if your email address or passwords appear in a known leak. If you find a match, immediately change any passwords that have been reused and secure those accounts with new, different credentials.
Check out the best password managers reviewed in 2026 at Cyberguy.com
7) Be careful with permissions
Be careful with access permissions. Malware usually abuses them to take control of your device.
8) Watch app updates closely
Malware can hide inside fake reviews. Beware of hotfixes that take you out of the app store.
Kurt’s priority is taking
This attack shows how quickly trust can work. A platform designed to advance AI research was repurposed as a malware delivery system. A fake antivirus app has become a threat that it says will stop. Staying safe no longer means avoiding apps that look sketchy. It means asking for those apps that seem useful and professional.
Have you seen something on your phone that made you question its safety? Let us know your thoughts by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS PROGRAM
Sign up for my FREE CyberGuy report
Get my best tech tips, emergency security alerts, and special deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join CYBERGUY.COM newspaper.
Copyright 2026 CyberGuy.com. All rights reserved.
