Particle.news

First Confirmed Infostealer Theft of OpenClaw Agent Files Raises Identity Risk

The case signals a shift toward infostealers harvesting AI‑agent tokens plus device keys, enabling deep impersonation.

Overview

  • Hudson Rock reported a February 13 infection in which an infostealer exfiltrated a victim’s OpenClaw configuration, marking the first observed theft of this kind.
  • Stolen files included openclaw.json with a gateway token, device.json with private keys, and soul.md plus memory logs that describe the agent’s behavior and user context.
  • Researchers warned the gateway token and device keys could permit remote access to a local instance, client impersonation, and bypass of “safe device” checks.
  • The malware was likely a Vidar variant using a broad file‑grabbing routine rather than a custom OpenClaw module, with experts predicting specialized agent‑parsing stealers will follow.
  • Amid widening exposure concerns, OpenClaw maintainers have partnered with VirusTotal to scan skills; at the same time, researchers are flagging large numbers of exposed instances, community tools such as ClawMoat are emerging, and some companies are moving to ban or isolate OpenClaw on work systems.
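As an added example (not code from Hudson Rock or the OpenClaw project), this is the triage a responder would run over a recovered stealer dump: it picks the agent files named above out of a broad file grab, flags token and private-key material without echoing the values, and turns the findings into the rotation actions the researchers' warning implies. The JSON field names, the memory-log path pattern and the sample dump are constructed assumptions; the report does not describe OpenClaw's file schema.

```python
"""Triage a stealer dump for OpenClaw agent artifacts.

Added example, not from the Hudson Rock report or the OpenClaw project.
The file names openclaw.json, device.json and soul.md are the ones the
report names; the JSON field names, the memory-log path pattern and the
sample dump below are constructed assumptions for illustration.
"""
from __future__ import annotations

import json
import re
from pathlib import PurePosixPath

# File names the report says were exfiltrated. Memory logs are matched by a
# path pattern (assumed) since the report gives no exact name for them.
AGENT_FILES = {"openclaw.json", "device.json", "soul.md"}
MEMORY_LOG_RE = re.compile(r"(^|/)memory(/|[^/]*\.(log|md|jsonl)$)", re.IGNORECASE)

# Generic secret-bearing key names: a broad grabber does not know the schema,
# and this triage step deliberately does not depend on one either.
SECRET_KEY_RE = re.compile(r"(token|secret|private|key)", re.IGNORECASE)
PEM_RE = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")


def is_agent_artifact(path: str) -> bool:
    """True if an archive-relative path is one of the agent files of interest."""
    name = PurePosixPath(path).name
    return name in AGENT_FILES or bool(MEMORY_LOG_RE.search(path))


def _walk_secrets(obj, prefix=""):
    """Yield dotted key paths whose key name looks secret-bearing and has a value."""
    if isinstance(obj, dict):
        for k, v in obj.items():
            p = f"{prefix}.{k}" if prefix else k
            if SECRET_KEY_RE.search(k) and isinstance(v, str) and v:
                yield p
            yield from _walk_secrets(v, p)
    elif isinstance(obj, list):
        for i, v in enumerate(obj):
            yield from _walk_secrets(v, f"{prefix}[{i}]")


def find_secrets(path: str, data: bytes) -> list[str]:
    """Return finding labels for one file; secret values are never returned."""
    findings = []
    text = data.decode("utf-8", errors="replace")
    if PEM_RE.search(text):
        findings.append("pem_private_key")
    if path.endswith(".json"):
        try:
            findings.extend(_walk_secrets(json.loads(text)))
        except json.JSONDecodeError:
            findings.append("unparseable_json")
    return findings


def triage(dump: dict[str, bytes]) -> dict:
    """Classify a stolen-file set (path -> bytes) and list rotation actions."""
    report = {"agent_files": [], "secrets": {}, "actions": []}
    for path, data in sorted(dump.items()):
        if not is_agent_artifact(path):
            continue
        report["agent_files"].append(path)
        found = find_secrets(path, data)
        if found:
            report["secrets"][path] = found
    all_findings = [f for fs in report["secrets"].values() for f in fs]
    if report["agent_files"]:
        # soul.md and memory logs cannot be rotated; the disclosure is permanent.
        report["actions"].append("treat the agent's persona, memory and user context as disclosed")
    if any("token" in f.lower() for f in all_findings):
        report["actions"].append("revoke and reissue the gateway token; audit gateway access logs")
    if any("private" in f.lower() for f in all_findings):
        report["actions"].append("re-enroll the device so the stolen keys no longer pass safe-device checks")
    return report


# Constructed sample dump: a broad grabber's take mixes browser data with the
# agent files. All values are placeholders, not real credentials.
SAMPLE_DUMP = {
    "Browsers/Chrome/Login Data": b"SQLite format 3\x00",
    "Documents/notes.txt": b"grocery list",
    ".openclaw/openclaw.json": json.dumps({
        "gateway": {"url": "http://127.0.0.1:8080", "token": "gw_EXAMPLE_0000"},
        "model": "local",
    }).encode(),
    ".openclaw/device.json": json.dumps({
        "device_id": "dev-example",
        "private_key": "-----BEGIN PRIVATE KEY-----\nEXAMPLE\n-----END PRIVATE KEY-----",
    }).encode(),
    ".openclaw/soul.md": b"# Persona\nYou are the user's assistant.",
    ".openclaw/memory/session.log": b"user asked about the payroll export",
}

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_DUMP), indent=2))
```

The report lists finding labels and key paths only, so it can be pasted into a ticket without re-exposing the token; the rotation actions are the point, since the persona and memory files, unlike the credentials, cannot be revoked once taken.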