With the massive adoption of the OpenClaw agentic AI assistant, information-stealing malware has been spotted stealing files associated with the framework that contain API keys, authentication tokens, and other secrets.
OpenClaw (formerly ClawdBot and MoltBot) is a locally running AI agent framework that maintains a persistent configuration and memory environment on the user's machine. The tool can access local files, log in to email and communication apps on the host, and interact with online services.
Since its release, OpenClaw has seen widespread adoption worldwide, with users relying on it as an AI assistant to help manage everyday tasks.
However, there has been concern that, given its popularity, threat actors may begin targeting the framework's configuration files, which contain authentication secrets used by the AI agent to access cloud-based services and AI platforms.
Infostealer spotted stealing OpenClaw files
Hudson Rock says they have documented the first in-the-wild instance of infostealers stealing files associated with OpenClaw to extract secrets stored within them.
"Hudson Rock has now detected a live infection where an infostealer successfully exfiltrated a victim's OpenClaw configuration environment," reads the report.
"This finding marks a significant milestone in the evolution of infostealer behavior: the transition from stealing browser credentials to harvesting the 'souls' and identities of personal AI agents."
Hudson Rock has been predicting this development since late last month, calling OpenClaw "the new primary target for infostealers" due to the highly sensitive data the agents handle and their relatively lax security posture.
Alon Gal, co-founder and CTO of Hudson Rock, told BleepingComputer that the malware is believed to be a variant of the Vidar infostealer, and that the data was stolen on February 13, 2026, when the infection took place.