Infostealer Malware Targets OpenClaw AI Secrets for the First Time


Infostealer malware stole OpenClaw AI agent configuration files for the first time on February 13, 2026. Hudson Rock found a live case where the malware grabbed API keys, tokens, and other secrets from the popular local AI framework. Attackers can now hijack AI agent identities.

OpenClaw runs on user machines with persistent memory. It handles tasks, emails, and cloud services. Its rise made it a prime target for stealers hunting high-value credentials.

The stolen files reveal emails, private keys, and agent behavior logs. This marks a shift from browser data to AI agent compromise.

Hudson Rock published the first detection. Their report states: “Hudson Rock has now detected a live infection where an infostealer successfully exfiltrated a victim’s OpenClaw configuration environment.” 

They predicted this attack last month. OpenClaw stores sensitive data in plain text files. Stealers scan for keywords like “token” and grab them automatically.

Alon Gal, Hudson Rock CTO, identified it as a Vidar variant. It uses broad file grabs, not OpenClaw-specific code.

Stolen OpenClaw Files

The malware took these key files from the .openclaw directory:

| File Name | Contains | Risk |
|---|---|---|
| openclaw.json | Email, workspace path, gateway token | Remote connections, impersonation |
| device.json | Public/private keys (PEM) | Device signing, safe checks bypass |
| soul.md | Agent behavior definition | Full personality hijack |
| AGENTS.md, MEMORY.md | Activity logs, messages, calendar | Personal data exposure |

According to Hudson Rock's analysis, these files enable a full digital identity takeover.

Attack Evolution

Stealers evolved fast with AI tools. OpenClaw users face risks as it integrates into workflows. Expect targeted stealers soon.

Tenable found a related flaw in nanobot, an OpenClaw-inspired AI agent. CVE-2026-2577 allowed WhatsApp hijacks. It was fixed in v0.13.post7.

Nanobot hit 20k GitHub stars in weeks.

  • OpenClaw was formerly ClawdBot/MoltBot.
  • Stores data locally with weak protection.
  • Global adoption spikes exposure.

Protection Steps

  • Move secrets to secure vaults.
  • Encrypt OpenClaw config files.
  • Scan for stealers regularly.
  • Limit AI agent cloud access.
  • Monitor for odd API activity.
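
As a starting point for the first two steps, the following added example (not code from Hudson Rock or the OpenClaw project) audits a directory such as .openclaw for plaintext secrets and loose file permissions, so they can be moved to a vault or encrypted. The function names, the JSON field names in the sample, and every keyword other than "token" are assumptions made for illustration.

```python
import json, os, re, stat, tempfile
from pathlib import Path

# "token" is the keyword the article names; the other patterns are assumed relatives.
KEYWORD_RE = re.compile(r"token|secret|api[_-]?key|password|private", re.I)
PEM_RE = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")

def json_secret_paths(node, prefix=""):
    """Yield dotted paths of non-empty strings stored under secret-looking keys."""
    items = node.items() if isinstance(node, dict) else enumerate(node) if isinstance(node, list) else ()
    for key, value in items:
        path = f"{prefix}.{key}" if prefix else str(key)
        if isinstance(value, str) and value and KEYWORD_RE.search(str(key)):
            yield path
        else:
            yield from json_secret_paths(value, path)

def audit(directory):
    """Map each file holding plaintext secrets to a list of findings."""
    report = {}
    for path in sorted(p for p in Path(directory).rglob("*") if p.is_file()):
        text = path.read_text(encoding="utf-8", errors="replace")
        findings = ["plaintext PEM private key"] if PEM_RE.search(text) else []
        if path.suffix == ".json":
            try:
                findings += [f"plaintext field: {p}" for p in json_secret_paths(json.loads(text))]
            except json.JSONDecodeError:
                pass  # not valid JSON; the PEM check above still applies
        # POSIX only: any group/other bit exposes the file to other local accounts.
        if findings and os.name == "posix" and stat.S_IMODE(path.stat().st_mode) & 0o077:
            findings.append("readable beyond owner")
        if findings:
            report[path.relative_to(directory).as_posix()] = findings
    return report

def write_constructed_sample(directory):
    """Constructed stand-ins for the stolen files; JSON field names are assumptions."""
    pem = "-----BEGIN PRIVATE KEY-----\nCONSTRUCTED\n-----END PRIVATE KEY-----"
    samples = {"openclaw.json": json.dumps({"gateway": {"token": "CONSTRUCTED"}}),
               "device.json": json.dumps({"privateKeyPem": pem}),
               "soul.md": "Constructed behavior notes.\n"}
    for name, body in samples.items():
        (Path(directory) / name).write_text(body, encoding="utf-8")
        os.chmod(Path(directory) / name, 0o644)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        write_constructed_sample(tmp)
        print(json.dumps(audit(tmp), indent=2))
```

The report lists field paths and file names only, never the secret values, so it can be shared with whoever handles remediation.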

FAQ

What did the infostealer grab from OpenClaw?

Config files with tokens, keys, emails, logs. 

Which malware hit OpenClaw first?

Vidar variant on Feb 13, 2026.

Is OpenClaw secure by default?

No, it stores secrets in plain files that stealers scan.

What related AI agent flaws exist?

Nanobot's CVE-2026-2577, which has been fixed.

How to protect OpenClaw data?

Encrypt configs, use vaults, run AV scans.

Will more AI agents get targeted?

Yes, as adoption grows per Hudson Rock prediction.
