{"data":{"id":"622b8b15-7bca-4428-be9b-d2476d34206c","title":"Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens","summary":"Researchers discovered that an information stealer (malware that secretly copies sensitive files) infected a victim and stole OpenClaw AI agent configuration files, including gateway tokens (authentication credentials), cryptographic keys, and the agent's operational guidelines. This marks a shift in malware tactics from stealing browser passwords to targeting AI agents, and attackers could use stolen tokens to impersonate victims or access their local AI systems if ports are exposed.","solution":"OpenClaw maintainers announced a partnership with VirusTotal to scan for malicious skills (plugins) uploaded to ClawHub, establish a threat model, and add the ability to audit for potential misconfigurations.","labels":["security","privacy"],"sourceUrl":"https://thehackernews.com/2026/02/infostealer-steals-openclaw-ai-agent.html","publishedAt":"2026-02-16T18:43:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["data_extraction","supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["OpenClaw","Vidar","ClawHub","Moltbook","VirusTotal","OX Security","SecurityScorecard"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}