Slow Fog CISO: Beware of the malicious npm package "@openclaw-ai/openclawai," which steals cryptocurrency wallet private keys and system credentials

Mar 10, 2026 11:55:45

Share to

According to 23pds, the Chief Information Security Officer of Slow Fog Technology, an intelligence system has discovered a malicious npm package named "@openclaw-ai/openclawai" that is implementing a multi-layer attack.

This malicious package disguises itself as a legitimate command-line tool called OpenClaw Installer, aimed at stealing sensitive user information, including system credentials, cryptocurrency wallet private keys, browser data, SSH keys, and Apple Keychain database, among others.

Latest News

Mu Digital partners with Curated and Plums to bring institutional-grade Asian credit to Ethereum

Cointelegraph

3月 14, 2026 00:47:12

MoonPay Agents Introduces the First AI Agent Secured by a Ledger Signer

PRNewswire

3月 14, 2026 00:30:00

Marathon Digital sold 298 BTC

ChainCatcher

3月 14, 2026 00:12:46

Bank of America analysts warn that a decline in the S&P 500 index may trigger a policy response

ChainCatcher

3月 14, 2026 00:09:43

Billionaire Stanley Druckenmiller: Stablecoins may become the future global payment infrastructure

ChainCatcher

3月 14, 2026 00:02:58

Recent Fundraising

$13M 3月 13

Eightco Holdings, Inc.

$125M 3月 13

$3M 3月 12

New Tokens

3月 11

3月 8

Block Street BSB

3月 4

Latest Updates on 𝕏

Laura Shin Followed Deplay

3月 12

Andrew Kang Followed NVIDIA

3月 12

Justin Sun Followed Ostium

3月 12