OpenClaw AI Skills Weaponized to Mass‑Distribute Malware via Automated Agents

VirusTotal researchers identified a new infection chain that abuses the OpenClaw AI platform. Threat actors created dozens of seemingly harmless “skills”—small AI‑driven scripts that claim to perform routine tasks such as file cleanup or system diagnostics. In reality, each skill silently fetches a malicious binary from a command‑and‑control server and executes it on the compromised host, leveraging OpenClaw’s built‑in automation to run the payload without user interaction.

The abuse enables rapid, low‑cost scaling of malware delivery: a single compromised OpenClaw account can propagate the malicious skills to any user who installs them, effectively turning the AI marketplace into a distribution hub. Defenders must treat AI‑generated content as a potential attack vector, monitor for abnormal skill uploads, enforce strict validation of third‑party scripts, and incorporate AI‑platform telemetry into existing detection pipelines to spot these covert payloads before they reach endpoints.

Categories: AI Security & Threats, Malware & Ransomware, #AI Security & Threats

Source: Read original article