ClawHub is at the center of a concerning supply chain attack involving AI agent skills that may harbor malware capable of stealing credentials from user accounts and crypto wallets. Security researchers from SlowMist have examined over 400 skills within the OpenClaw marketplace, unveiling organized attacks aimed at specific domains. Malicious skills, such as X Trends, can download backdoors, compromising users’ credentials. Earlier findings by KOI Security highlighted 341 dangerous skills, which SlowMist later revised to 472. These malicious skills often appear legitimate but require users to install additional software that could include keyloggers, leading to potential cryptocurrency theft. With ClawHub’s rapid developer adoption, it remains under scrutiny as a risky source for supply chain attacks. Users should critically assess installation prompts and avoid unknown sources to safeguard sensitive information. SlowMist will continue monitoring this platform and provide real-time alerts through its MistEye service to avert further threats.
Source link
