Slow Fog CISO: Beware of the malicious npm package "@openclaw-ai/openclawai," which steals cryptocurrency wallet private keys and system credentials

Mar 10, 2026 11:55:45

Share to

According to 23pds, the Chief Information Security Officer of Slow Fog Technology, an intelligence system has discovered a malicious npm package named "@openclaw-ai/openclawai" that is implementing a multi-layer attack.

This malicious package disguises itself as a legitimate command-line tool called OpenClaw Installer, aimed at stealing sensitive user information, including system credentials, cryptocurrency wallet private keys, browser data, SSH keys, and Apple Keychain database, among others.

Latest News

Analysis: The Bitcoin derivatives market has entered a "deleveraging wave," with spot demand and whale accumulation supporting price resilience

ChainCatcher

Mar 10, 2026 22:59:58

The lawyer-oriented AI platform Legora has completed a $550 million Series D funding round, led by Accel

ChainCatcher

Mar 10, 2026 22:56:14

Sky proposes to reduce the token buyback ratio to strengthen the protocol's capital base

ChainCatcher

Mar 10, 2026 22:55:50

Nanjing Qixia District and Jiangning District issued a "Crayfish Farming" policy

ChainCatcher

Mar 10, 2026 22:50:44

U.S. and Brent crude oil prices fell in the short term, with WTI crude oil dropping over 2.00% during the day

ChainCatcher

Mar 10, 2026 22:47:11

Recent Fundraising

$80M Mar 9

Zcash Open Development Lab

$25M Mar 9

-- Mar 6

New Tokens

Mar 8

Block Street BSB

Mar 4

Feb 27

Latest Updates on 𝕏

Laura Shin Followed Deframe by Pods

Mar 9

ZachXBT Followed Zashi

Mar 9

Hasu Followed Dune

Mar 9