Bing AI Promoted Fake OpenClaw GitHub Repositories Pushing Info-Stealing Malware

Fake OpenClaw installers were hosted in GitHub repositories and promoted via Microsoft Bing’s AI-enhanced search feature, tricking users into executing commands that deployed information-stealing malware and proxy malware. The malicious repositories impersonated legitimate software, leveraging Bing AI’s search results to increase visibility. No specific dates, CVE IDs, or technical details about the malware strains were provided in the report. The attack targeted users searching for OpenClaw-related resources, exposing them to credential theft and unauthorized system access. The incident highlights risks associated with AI-driven search promoting unvetted third-party repositories. The source of the fake repositories or the threat actors behind them was not disclosed.