Sign up for our newsletter
- Hudson Rock Discovers First Infostealer Attack Stealing OpenClaw AI Assistant Configuration Files
- Stolen secrets (API keys, tokens) can give access to linked apps like Telegram or calendars
- Researchers warn infostealers may soon add dedicated modules to analyze AI agent data, increasing risks to professional workflow
Thanks to its overnight success and widespread adoption, OpenClaw has painted a big target on its back and is now under attack by infostealers after security researchers Hudson Rock claimed to have seen a first-of-its-kind attack in the wild.
OpenClaw (formerly known as Clawdbot and Moltbot) is an open source AI assistant software designed to actually perform tasks instead of just answering questions or generating multimedia. Users can set it up on their personal computers or servers and connect it to apps like Telegram, calendars, and the like, then it can perform practical tasks like managing emails, scheduling meetings and tasks, and automating workflows.
But to configure it properly, users need to give it certain secrets such as API keys or authentication tokens. These are stored in the tool’s configuration files, which, if stolen, can give attackers access to various apps and tools.
Live infections detected
Now, according to Hudson Rock, that’s exactly what’s happening:
“Hudson Rock has now discovered a live infection in which an infostealer successfully exfiltrated a victim’s OpenClaw configuration environment,” the company said in a report.
“This finding marks a significant milestone in the evolution of infostealer behavior: the transition from stealing browser credentials to harvesting the ‘souls’ and identities of personal AI agents.”
In this specific incident, the hackers didn’t target OpenClaw itself – they simply managed to install an infostealer that grabbed as many sensitive files from the compromised system as possible. However, Hudson Rock expects this to change “rapidly” as more and more cybercriminals realize the value of OpenClaw configuration data.
“As AI agents like OpenClaw become more integrated into professional workflows, infostealer developers will likely release dedicated modules specifically designed to decrypt and parse these files, just as they do for Chrome or Telegram today,” the researchers concluded.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
