341 Malicious Skills Discovered on OpenClaw ClawHub: The Naked Truth of AI Agent Security

by

341 Malicious Skills Found on OpenClaw ClawHub

  • Koi Security found malware in 341 out of 2,857 ClawHub skills
  • Atomic Stealer steals cryptocurrency wallets and API keys
  • Expert calls it a “security dumpster fire,” 3 additional RCE vulnerabilities disclosed

What Happened?

341 malicious skills were found on ClawHub, the marketplace for AI agent OpenClaw.[The Hacker News] Koi Security audited 2,857 skills and found that 12% contained malware.

Attackers distributed skills disguised as cryptocurrency bots and wallet trackers. When installed, Atomic Stealer or a trojan is executed.[VirusTotal]

Why is it Important?

OpenClaw is an AI agent that runs locally. It has system-wide access. The only requirement for ClawHub registration is a week-old GitHub account.[The Register]

Laurie Voss of Arize called it a “security dumpster fire.” Recently, 1 RCE and 2 command injection vulnerabilities have been additionally disclosed in the last 3 days.

What Happens Next?

OpenClaw has introduced a reporting feature. Skills reported more than 3 times are automatically hidden. VirusTotal has started analyzing AI skills with Code Insight.

Frequently Asked Questions (FAQ)

Q: What is OpenClaw and why is it dangerous?

A: OpenClaw is a locally executed AI agent. It was formerly known as Clawdbot. It has system-wide privileges. Malicious skills can access files, credentials, and browser data.

Q: What data is being stolen?

A: Cryptocurrency API keys, wallet private keys, SSH credentials, and browser passwords are targeted. Keylogging data and environment variables are also collected.

Q: What if I have already installed a skill?

A: Delete any suspicious skills. Immediately replace cryptocurrency wallets and API keys. Also, change browser passwords.

If this article was helpful, please subscribe to AI Digester.

References

Leave a Comment