A rising number of internet-facing deployments of OpenClaw, an AI-driven automation platform, pose significant cybersecurity threats, warns the national cybersecurity center under China’s Ministry of Public Security. The platform is popular for executing complex tasks and using diverse plugins, but its architecture and default settings leave it vulnerable. Many OpenClaw installations are exposed to the internet without proper user authentication, putting sensitive data such as API keys stored in plaintext at risk. Concerns also include permission control failures that let agents act without user consent, which can lead to data theft or device control. Users must promptly update their OpenClaw installations from trusted sources and restrict deployments to local networks to mitigate risks. Critical security measures include enabling strong authentication, regularly updating passwords, and reviewing third-party plugins for safety. Over 200,000 OpenClaw assets are active globally, with 23,000 in China, particularly in tech hubs like Beijing and Shanghai, underscoring the urgent need for heightened security awareness.