Subscribe to our newsletter
- Hudson Rock detects first infostealer attack stealing OpenClaw AI helper configuration files
- Stolen secrets (API keys, tokens) could provide access to linked applications like Telegram or calendars
- Researchers warn that information thieves may soon add dedicated modules to analyze data from AI agents, increasing risks to professional workflow.
Thanks to its immediate success and widespread adoption, OpenClaw has drawn a big target on its back and is now under attack by information thieves, after security researchers at Hudson Rock claimed to have seen a first-of-its-kind attack in the wild.
OpenClaw (formerly known as Clawdbot and Moltbot) is open source AI assistive software designed to actually perform tasks, rather than just answer questions or generate multimedia. Users can set it up on their personal computers or servers and connect it to apps like Telegram, calendars, etc., after which it can perform practical tasks like email management, scheduling meetings and tasks, and automating workflows.
But to configure it correctly, users must give it certain secrets like API keys, or authentication tokens. These are stored in the tool’s configuration files which, if stolen, can allow attackers to access different applications and tools.
Live infections detected
However, according to Hudson Rock, this is exactly what is happening now:
“Hudson Rock has now detected an actual infection in which an information thief successfully exfiltrated a victim’s OpenClaw configuration environment,” the company said in a report.
“This discovery marks an important step in the evolution of information-stealing behavior: the transition from stealing browser credentials to harvesting the ‘souls’ and identities of personal AI agents.”
In this specific incident, the hackers weren’t targeting OpenClaw itself: they simply managed to deploy an information stealer that grabbed as many sensitive files as possible from the compromised system. However, Hudson Rock expects this to change “rapidly” as more cybercriminals realize the value of OpenClaw’s configuration data.
“As AI agents like OpenClaw become more integrated into professional workflows, infostealer developers will likely release dedicated modules specifically designed to decrypt and analyze these files, much like they do today for Chrome or Telegram,” the researchers concluded.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
