AI‑Powered OpenClaw Agents Auto‑Deploy Adaptive Reverse Shells, Bypassing Sandboxes
Researchers at VirusTotal demonstrated that the second phase of the OpenClaw project uses large‑language‑model‑driven agents to write, compile, and execute reverse‑shell payloads without human intervention. The AI analyzes the target’s network topology, selects the most reliable communication channel, and modifies the shell code on the fly to avoid known sandbox signatures and heuristic detections.
For defenders this means a new class of “cognitive” rootkits that can tailor their behavior to each environment, dramatically reducing the window for detection. Traditional signature‑based tools and static sandboxing are insufficient; security teams must adopt behavior‑centric monitoring, AI‑aware threat hunting, and tighter controls on outbound connections to mitigate these self‑evolving threats.
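An added example, not from the original article or the researchers: a minimal behavior-centric check of the kind described above, flagging any process that executes a just-written file (or descends from one) and then connects to a destination outside an egress allowlist. The event schema, the 300-second window, the allowlist and the sample telemetry are assumptions constructed for illustration.

```python
"""Behavior-centric check: outbound connections from freshly written binaries.

All event field names and sample values are constructed for illustration.
"""
from ipaddress import ip_address, ip_network

WINDOW = 300  # max seconds between a file write and its execution (assumed threshold)
ALLOWED_EGRESS = [ip_network("10.0.0.0/8")]  # assumed egress allowlist


def egress_allowed(dst):
    """True when the destination address falls inside the allowlist."""
    return any(ip_address(dst) in net for net in ALLOWED_EGRESS)


def detect(events):
    """Return alerts for processes that run a just-written file and connect out."""
    written = {}  # path -> timestamp of the last write
    tainted = {}  # pid -> path of the freshly written image it descends from
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["type"] == "file_write":
            written[ev["path"]] = ev["ts"]
        elif ev["type"] == "exec":
            wrote_at = written.get(ev["image"])
            if wrote_at is not None and ev["ts"] - wrote_at <= WINDOW:
                tainted[ev["pid"]] = ev["image"]
            elif ev["ppid"] in tainted:  # child inherits the parent's taint
                tainted[ev["pid"]] = tainted[ev["ppid"]]
        elif ev["type"] == "connect":
            if ev["pid"] in tainted and not egress_allowed(ev["dst"]):
                alerts.append({"pid": ev["pid"], "origin": tainted[ev["pid"]],
                               "dst": ev["dst"], "port": ev["port"]})
    return alerts


# Constructed telemetry: a file is compiled, executed, and a child connects out.
SAMPLE = [
    {"ts": 100, "type": "exec", "pid": 41, "ppid": 1, "image": "/usr/bin/agent"},
    {"ts": 110, "type": "exec", "pid": 42, "ppid": 41, "image": "/usr/bin/cc"},
    {"ts": 112, "type": "file_write", "pid": 42, "path": "/tmp/build/a.out"},
    {"ts": 115, "type": "exec", "pid": 43, "ppid": 41, "image": "/tmp/build/a.out"},
    {"ts": 116, "type": "exec", "pid": 44, "ppid": 43, "image": "/bin/sh"},
    {"ts": 117, "type": "connect", "pid": 44, "dst": "203.0.113.7", "port": 443},
    {"ts": 120, "type": "connect", "pid": 41, "dst": "10.1.2.3", "port": 8080},
    {"ts": 130, "type": "connect", "pid": 43, "dst": "10.9.9.9", "port": 53},
]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

The rule keys on the write, execute, connect sequence rather than on file contents, so it does not depend on the payload matching a known signature.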
Categories: AI Security & Threats, Malware & Ransomware