OpenClaw AI Agents Turned Semantic Worms Deliver Adaptive Malware

VirusTotal’s latest research shows that the rapidly expanding OpenClaw AI‑agent platform is now being abused as a delivery chain for sophisticated malware. Threat actors have embedded reverse shells and “cognitive” rootkits into OpenClaw agents, using the platform’s built‑in semantic analysis to modify payload behavior on the fly based on the host environment, OS version, and installed software.

The adaptive nature of these semantic worms makes them hard to spot with static signatures and can bypass traditional sandboxing. Defenders should prioritize monitoring OpenClaw traffic, enforce strict code‑signing policies for AI agents, and deploy behavioral analytics that can detect anomalous system calls or network callbacks originating from legitimate‑looking AI workloads. Early detection is critical before these agents gain foothold and execute dynamic, system‑specific attacks.

Categories: AI Security & Threats, Malware & Ransomware, #AI Security & Threats

Source: Read original article