China's Ministry of Industry and Information Technology (MIIT) Network Security Threat and Vulnerability Information Sharing Platform (NVDB) recently detected that certain attack organizations are leveraging the growing popularity of the AI Agent "OpenClaw" (also known as "Lobster"). These groups are creating sophisticated counterfeit OpenClaw download websites and installation files to trick users into downloading and executing packages embedded with malicious programs.
The NVDB warns that once a user runs these deceptive OpenClaw installer files, the embedded malware will covertly load onto the terminal device. Subsequently, it will unleash and implant remote control Trojans. The potential consequences of such an infection are severe, including initiating cyberattacks, compromising the user's system through remote control, and leading to the leakage of sensitive information.
To effectively mitigate these cybersecurity risks, the MIIT NVDB strongly advises users to only download and install OpenClaw and its associated skill plugins from official or highly trusted channels. Furthermore, users should exercise extreme caution with unfamiliar links, refraining from clicking them without verification, to safeguard their personal and corporate information security.