律动BlockBeats
律动BlockBeats|Feb 09, 2026 02:58
[Security Warning: OpenClaw Official Plugin Center ClawHub Becomes a New Target for Large-Scale Malicious Skill Supply Chain Attacks] BlockBeats News, February 9 – SlowMist has issued a security warning, stating that the recently popular open-source AI agent project OpenClaw has seen its official plugin center, ClawHub, gradually become a new target for supply chain poisoning attacks, posing potential security risks to developers and users. Monitoring has identified 341 malicious skills, often disguised as crypto asset tools, security checks, or automation tools. Attackers use the SKILL.md file as an entry point for executing commands, hiding malicious commands through Base64 encoding and employing a two-stage loading mechanism to evade detection. In the first stage, the payload is retrieved via curl, and in the second stage, a sample named dyrtvwjfveyxjf23 is deployed, tricking users into entering their system passwords and stealing local documents and system information. Users are advised to review any commands that need to be copied and executed, remain cautious of prompts requesting system permissions, and prioritize obtaining tools through official channels.
+4
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads