Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens
Summary
Researchers discovered that an information stealer (malware that secretly copies sensitive files) infected a victim and stole OpenClaw AI agent configuration files, including gateway tokens (authentication credentials), cryptographic keys, and the agent's operational guidelines. This marks a shift in malware tactics from stealing browser passwords to targeting AI agents. Attackers could use the stolen tokens to impersonate victims or, if ports are exposed, to access their local AI systems.
Solution / Mitigation
OpenClaw maintainers announced a partnership with VirusTotal to scan for malicious skills (plugins) uploaded to ClawHub, establish a threat model, and add the ability to audit for potential misconfigurations.
Original source: https://thehackernews.com/2026/02/infostealer-steals-openclaw-ai-agent.html
First tracked: February 16, 2026 at 02:25 PM
Classified by LLM (prompt v3) · confidence: 92%