Subscribe to our newsletter
- Hudson Rock detects first data theft attack that steals OpenClaw AI assistant configuration files
- Stolen secrets (API keys, tokens) could grant access to linked apps like Telegram or calendars
- Researchers warn that data thieves will soon add dedicated modules to analyze data from AI agents, increasing risks to professional workflow.
Thanks to its overnight success and widespread adoption, OpenClaw has painted a big target on its back and is now being attacked by information thieves, after security researchers Hudson Rock claimed to have seen the first attack of its kind in the wild.
OpenClaw (previously known as Clawdbot and Moltbot) is an open source artificial intelligence assistant software designed to complete tasks, rather than simply answer questions or generate multimedia. Users can set it up on their personal computers or servers and connect it to applications like Telegram, calendars, and the like, after which it can perform practical tasks such as managing emails, scheduling meetings and tasks, and automating workflows.
But to configure it correctly, users must provide it with certain secrets, such as API keys or authentication tokens. These are stored in the tool’s configuration files which, if stolen, can grant attackers access to different applications and tools.
Live infections detected
Now, according to Hudson Rock, this is exactly what’s happening:
“Hudson Rock has detected a live infection in which an information thief managed to exfiltrate a victim’s OpenClaw configuration environment,” the company said in a report.
“This finding marks an important milestone in the evolution of information thieves’ behavior: the transition from stealing browser credentials to harvesting the ‘souls’ and identities of personal AI agents.”
In this specific incident, the hackers were not targeting OpenClaw itself: they simply managed to implement an information stealer that took as many sensitive files from the compromised system as possible. However, Hudson Rock expects this to change “quickly,” as more and more cybercriminals realize the value of OpenClaw configuration data.
“As AI agents like OpenClaw become more integrated into professional workflows, data-stealing developers will likely release dedicated modules specifically designed to decrypt and analyze these files, much like they do today with Chrome or Telegram,” the researchers concluded.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
