Slow Fog CISO: Beware of the malicious npm package "@openclaw-ai/openclawai," which steals cryptocurrency wallet private keys and system credentials

Mar 10, 2026 11:55:45

Share to

According to 23pds, the Chief Information Security Officer of Slow Fog Technology, an intelligence system has discovered a malicious npm package named "@openclaw-ai/openclawai" that is implementing a multi-layer attack.

This malicious package disguises itself as a legitimate command-line tool called OpenClaw Installer, aimed at stealing sensitive user information, including system credentials, cryptocurrency wallet private keys, browser data, SSH keys, and Apple Keychain database, among others.

Latest News

Binance will launch the EWY index perpetual contract

ChainCatcher

Mar 12, 2026 22:33:10

Data: PIVX dropped over 10% in 24 hours, CFX rose over 7%

ChainCatcher

Mar 12, 2026 22:30:29

The most representative companies in the crypto custody sector, such as Copper and BitGo, are leading the way

ChainCatcher

Mar 12, 2026 22:25:35

Strive buys Strategy stocks, and Bitcoin treasury companies start nesting each other

ChainCatcher

Mar 12, 2026 22:22:44

Ark Invest: About one-third of Bitcoin supply still faces potential threats from quantum computing

ChainCatcher

Mar 12, 2026 22:13:53

Recent Fundraising

$45M Mar 12

$13M Mar 12

$5M Mar 12

New Tokens

Mar 11

Mar 8

Block Street BSB

Mar 4

Latest Updates on 𝕏

Michael Saylor Followed Roxom

Mar 11

Fiskantes Followed Sunrise

Mar 11

Austin Federa Followed Euphoria Finance

Mar 11