


























Security researchers claim to have documented a major shift in the infostealer landscape after witnessing the first live attack targeting an OpenClaw configuration environment.
Formerly known as Clawdbot and Moltbot, OpenClaw is a popular agentic AI assistant that runs locally on a user’s machine.
The permissions users grant it to access sensitive data and systems, insecure default settings and plaintext storage of secrets have raised eyebrows in the security community.
Now threat actors appear to be actively hunting for those secrets, according to Hudson Rock.
“The infostealer utilized a broad file-grabbing routine designed to sweep for sensitive file extensions and specific directory names (like .openclaw),” the firm wrote in a blog post yesterday.
“While the malware may have been looking for standard ‘secrets,’ it inadvertently struck gold by capturing the entire operational context of the user’s AI assistant.”
Read more on OpenClaw: Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw.
The infostealer documented by Hudson Rock stole:
“Hudson Rock’s AI system, Enki, performed an automated risk assessment on the exfiltrated files,” the report continued. “The analysis demonstrates how an attacker can leverage these disparate pieces of information, including tokens, keys, and personal context, to orchestrate a total compromise of the user’s digital identity.”
The infostealer spotted in this attack was not specially designed to target ClawdBot or similar tools, but that is likely to change in the near future, Hudson Rock said.
“As AI agents like OpenClaw become more integrated into professional workflows, infostealer developers will likely release dedicated modules specifically designed to decrypt and parse these files, much like they do for Chrome or Telegram today,” it predicted.
“By stealing OpenClaw files, an attacker does not just get a password; they get a mirror of the victim’s life, a set of cryptographic keys to their local machine, and a session token to their most advanced AI models.”
Security experts have previously warned of a shadow AI risk if users link OpenClaw to enterprise systems.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。