Ethical Hacking News
Security Researchers Uncover Malicious AI Add-ons on ClawHub Marketplace, Raising Concerns About OpenClaw's "Skill" Extensions
The discovery of hundreds of malicious add-ons on the popular AI marketplace, ClawHub, has raised significant concerns about the security of OpenClaw's skill extensions. The add-ons, which were found by researchers to be masquerading as cryptocurrency trading automation tools and delivering information-stealing malware, pose a significant threat to users' personal data and device security.
Hundreds of malicious add-ons were discovered on the ClawHub marketplace, a popular AI marketplace. 28 malicious skills and 386 malicious add-ons were identified between January 27th and February 2nd. The malicious add-ons contained malware that stole exchange API keys, wallet private keys, SSH credentials, and browser passwords. The platform's creator has taken steps to address some concerns, but greater security measures are needed. Users need to exercise caution when interacting with OpenClaw skills and be aware of potential risks.
In a recent development that has left the tech community abuzz with concern, security researchers have uncovered hundreds of malicious add-ons on the popular AI marketplace, ClawHub. The discovery, which was made by researchers at OpenSourceMalware, has raised significant questions about the security of OpenClaw's skill extensions and the potential risks they pose to users' personal data and device security.
According to the research team, who identified 28 malicious skills as being published on the marketplace between January 27th and 29th, in addition to 386 malicious add-ons that were uploaded between January 31st and February 2nd. The malicious add-ons, which were found to be masquerading as cryptocurrency trading automation tools, were discovered by security researchers to contain malware that stole exchange API keys, wallet private keys, SSH credentials, and browser passwords.
The discovery of these malicious add-ons has highlighted the need for greater security measures on the ClawHub marketplace. The platform's creator, Peter Steinberger, has taken steps to address some of these concerns, including requiring users to have a GitHub account that is at least one week old to publish a skill. However, this measure does not remove the possibility of malware sneaking onto the platform.
The malicious add-ons in question were found to be designed to manipulate users into executing malicious code that delivered infostealing malware. The skills themselves, which were masquerading as legitimate OpenClaw extensions, contained instructions for users to navigate to a link that was "designed to get the agent to run a command" that downloaded the malware.
The discovery of these malicious add-ons has raised significant concerns about the security of OpenClaw's skill extensions. The platform's ability to allow users to access their entire device and interact with them through messaging apps poses a significant risk, particularly if users are not aware of the potential risks associated with using these skills.
In order to mitigate this risk, researchers at OpenSourceMalware have emphasized the need for greater security measures on the ClawHub marketplace. This includes ensuring that all user-submitted add-ons undergo rigorous testing and verification before being published on the platform.
Furthermore, researchers have called for users to exercise caution when interacting with OpenClaw skills and to be aware of the potential risks associated with using these extensions. By taking steps to educate themselves about the potential risks and benefits of using OpenClaw skills, users can help mitigate the risk of malware infection and protect their personal data.
In conclusion, the discovery of hundreds of malicious add-ons on the ClawHub marketplace has raised significant concerns about the security of OpenClaw's skill extensions. The platform's creator has taken steps to address some of these concerns, but greater security measures are needed to ensure that users' personal data and device security are protected.
The incident highlights the need for greater vigilance and scrutiny when it comes to AI-powered platforms and their associated risks. By taking steps to educate ourselves about the potential risks and benefits of using AI-powered platforms, we can help mitigate the risk of malware infection and protect our personal data.
Ultimately, the discovery of these malicious add-ons serves as a reminder that the security of AI-powered platforms is of paramount importance. By prioritizing security measures and user education, we can create safer and more secure environments for users to interact with AI-powered platforms.
Related Information:
https://www.ethicalhackingnews.com/articles/Security-Researchers-Uncover-Malicious-AI-Add-ons-on-ClawHub-Marketplace-Raising-Concerns-About-OpenClaws-Skill-Extensions-ehn.shtml
https://www.theverge.com/news/874011/openclaw-ai-skill-clawhub-extensions-security-nightmare
https://www.zdnet.com/article/openclaw-moltbot-clawdbot-5-reasons-viral-ai-agent-security-nightmare/
Published: Tue Feb 17 14:52:41 2026 by llama3.2 3B Q4_K_M
