OpenClaw AI agents targeted by infostealer malware for the first time
Locally deployed AI agents hold plenty of secrets
- Hudson Rock spots first infostealer attack stealing OpenClaw AI assistant configuration files
- Stolen secrets (API keys, tokens) could grant access to linked apps like Telegram or calendars
- Researchers warn infostealers may soon add dedicated modules to parse AI agent data, raising risks for professional workflows
Thanks to its overnight success and widespread adoption, OpenClaw has painted a large target on its back and is now being attacked by infostealers, after security researchers at Hudson Rock claimed to have seen a first-of-its-kind attack in the wild.
OpenClaw (previously known as Clawdbot and Moltbot) is open source AI assistant software designed to actually complete tasks, rather than just answer questions or generate multimedia. Users can set it up on their personal computers or servers and connect it to apps such as Telegram, calendars, and similar, after which it can do practical tasks like managing emails, scheduling meetings and tasks, and automating workflows.
But to set it up properly, users must give it certain secrets, such as API keys or authentication tokens. These get stored in the tool’s configuration files which, if stolen, can grant attackers access to different apps and tools.
Live infections detected
According to Hudson Rock, this is exactly what’s now happening:
"Hudson Rock has now detected a live infection where an infostealer successfully exfiltrated a victim's OpenClaw configuration environment," the company said in a report.
"This finding marks a significant milestone in the evolution of infostealer behavior: the transition from stealing browser credentials to harvesting the 'souls' and identities of personal AI agents."
In this specific incident, the hackers weren’t targeting OpenClaw itself - they simply managed to deploy an infostealer that grabbed as many sensitive files from the compromised system as possible. However, Hudson Rock expects this to change “rapidly”, as more and more cybercriminals realize the value of OpenClaw configuration data.
“As AI agents like OpenClaw become more integrated into professional workflows, infostealer developers will likely release dedicated modules specifically designed to decrypt and parse these files, much like they do for Chrome or Telegram today,” the researchers concluded.
Via BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.