A new Android threat campaign has emerged that uses social engineering combined with a legitimate machine learning platform to spread dangerous malware across devices. Users see phony security alerts claiming their phones are infected and require protection, which is how the attack starts. These deceptive prompts push users to download a fake security app called TrustBastion, which initially appears harmless.

Nevertheless, once installed, this app serves as the beginning of a convoluted chain of infection that can grant hackers complete control over Android devices that have been compromised. The campaign exploits Hugging Face, a popular platform used by developers and researchers to share machine learning models and datasets. Instead of relying on suspicious domains that could be blocked, attackers abuse this trusted service to host and deliver their malicious payloads.

Automated payload generation (Source – Bitdefender) This approach is particularly dangerous because Hugging Face is widely recognized as a legitimate platform, making security tools less likely to flag traffic coming from it. The platform claims all uploads are scanned, but the attack shows gaps in current security measures. Following installation, a phony update notification that closely resembles authentic Google Play or Android system dialogs is displayed by TrustBastion.

Bitdefender researchers identified that when users click to update, the app connects to a server that redirects them to a Hugging Face repository hosting the actual malicious Android application. Discover more Security author features Remote access tools Cybersecurity consulting services This two-stage delivery process helps attackers avoid immediate detection and increases the success rate of infections.

How Attackers Maintain Control and Steal Data Once the malicious payload installs, it requests critical permissions while pretending to be a legitimate phone security feature. Second-stage payload behavior (Source – Bitdefender) The most important permission is Accessibility Services, which gives the malware extensive visibility into everything users do on their devices. With this access, the RAT can monitor user activity, capture screenshots, record screens, and display fake login screens designed to steal financial credentials from services like Alipay and WeChat.

Additionally, the malware records lock screen data and uses persistent connections to stay in constant contact with a remote command server. Surveillance and credential theft (Source – Bitdefender) This connection allows attackers to transmit stolen data and receive new commands in real time.

Researchers discovered that attackers regenerate new versions of the malware approximately every fifteen minutes through server-side polymorphism. More than 6,000 commits were added to the original repository over the course of 29 days. Each new version introduces minor variations while maintaining identical malicious functionality, a technique specifically designed to evade security detection systems based on file hashes.

When the original TrustBastion repository disappeared in December 2025, attackers simply relaunched with a different app name called Premium Club, using the same underlying code to continue their campaign and avoid prolonged detection. Set CSN as a Preferred Source in Google to Receive More Instant Updates from LinkedIn and X.