OpenClaw AI Assistant Compromised with 386 Malicious Packages on ClawHub Platform

OpenClaw is an open-source AI assistant capable of performing powerful actions on systems, including accessing bank accounts, sending emails, and managing files. Security researcher Paul McCarti discovered 386 malicious packages on ClawHub, the distribution platform for "skills" (applications) for OpenClaw. These malicious skills use techniques such as downloading malware disguised as authentication tools, reverse shells, and malicious JavaScript. McCarti identified the first 30 malicious packages in 10 minutes. Creator Peter Steinberger has added basic security functions but refuses to prioritize additional measures. An ethical hacker, Jameson O'Reilly, demonstrated the vulnerability by creating a malicious skill that became number one in downloads. The podcast also covers the compromise of Notepad++ by a Chinese APT group between June and December 2024, installing the Cry Sales backdoor via update.exe. Coinbase faces a ransom demand of 20 million dollars from Shiny Hunters. Two pentesters received 600,000 dollars after wrongful prosecution in Dallas County.