Automatically translated.View original post

Hackers rely on OpenClaw's AI Agent "Skill."..

Hackers rely on OpenClaw's AI Agent "Skill" sending malware down the victim's system.

Artificial intelligence assistants, or AI Agents, can be called the breakthrough innovation of this decade to be a new step in its work, but today many AI Agents have been exploited in cyberterrorism to become a security controversy, and this time AI Agents have been in the news again.

According to a report by the website Cyber Security News, VirusTotal, a popular suspected file and URL authentication site, has detected a group of hackers using OpenClaw (formerly Clawdbot and Moltbot), an AI Agent for automating system management tasks. The AI Agent can handle both Shell Commands, File Operations and Network Requests to release malware through the Skills add-on, which is an add-on for various tasks. Automatically through Instruction, written on a file skill.md within the folder of each Skill add-on.

In order to use Skill, Skill works in the 3rd Party Code with complete system access to manage the system of the user using this AI Agent. Therefore, those who want to use it have to do a lot of steps to use Skill on the system. The user must paste and run the code through Terminal (or Run), download the Binary file and run the script as specified. To do this, the user must give a lot of trust to what is on the platform by hackers. It relies on this point to release malware into the victim's machine.

VirusTotal checked up to 3,016 Skill add-ons on the OpenClaw platform and found that more than a hundred Skills were malware-based when Google's AI malware analyzer, Gemini 3 Flash, was used to detect Skills add-ons by checking if they have dangerous capabilities, such as external code Execution, Sensitive Data access, and unsafe network management? Replace the use of analysis to verify specific features of malware (Virus Signature Analysis).

This allows us to divide these hazards into two groups:

Groups with poor security management, such as unsafe API implementation, hard-coded Secrets, and unsafe command execution.

Groups are created to deliberately attack victims with capabilities such as File Exfiltration, Remote Control, and Malware Installation.

And when it looked deeper, it was found that among all the developers of the Danger add-on, there were the developers who used the name "hightower6eu" that were the most prominent from the development and distributed up to 314 Danger add-ons that had many different capabilities, including Crypto Analytics, Finance Tracking, and Social Media Analysis. All of the add-ons were specified to download and run code from other sources outside (untrustworthy). Come to install first

For example, the "Yahoo Finance" add-on, when using the Anti-Virus detection tool, will find that the add-on is secure, but the add-on instructs the user to download a compressed file in Password Protected, which inside contains an openclaw-agent.exe file. This file, when verified, will be found to be a Trojan malware file.

While users of the macOS operating system are told to download a Shell Script file that is encrypted to bounce the system (Obfuscation) in Base64 from the glot [.] io website, which leads to a Binary file in the Mach-O file format. Inside the file is a malware type that steals data from the victim, or an Infostealer called AMOS (Atomic Stealer).

# Trending # Lemon 8 Howtoo # lemon 8 diary # openclaw # freedomhack

2/24 Edited to

... Read moreจากประสบการณ์ที่ติดตามข่าวสารด้านความปลอดภัยเทคโนโลยีมา ผมพบว่าการที่แฮกเกอร์หันมาใช้ AI Agent อย่าง OpenClaw เพื่อเขียนส่วนเสริม Skill ที่มีสิทธิ์เข้าถึงระบบเต็มรูปแบบ ถือเป็นความท้าทายใหม่ของการป้องกันระบบ เพราะส่วนเสริมเหล่านี้ดูเหมือนจะถูกพัฒนาให้ดูน่าเชื่อถือและมีฟังก์ชันที่น่าสนใจ เช่น วิเคราะห์คริปโตเคอร์เรนซีหรือติดตามการเงิน ซึ่งดึงดูดให้ผู้ใช้งานต้องดาวน์โหลดและรันโค้ดจากแหล่งภายนอกที่ไม่น่าไว้วางใจโดยไม่รู้ตัว ผู้ใช้งานควรระวังพฤติกรรมดาวน์โหลดและรันไฟล์จากแหล่งที่ไม่รู้จักอย่างละเอียด โดยเฉพาะไฟล์บีบอัดที่ป้องกันด้วยรหัสผ่าน หรือสคริปต์ที่ถูกเข้ารหัสเพื่อลอบแฝงมัลแวร์ เช่น โทรจันหรือ Infostealer ที่ตรวจจับได้ยากและมีโอกาสสูงในการขโมยข้อมูลส่วนบุคคลและความลับทางธุรกิจ อีกสิ่งที่ผมพบว่าสำคัญคือการใช้เครื่องมือ AI วิเคราะห์มัลแวร์ที่ทันสมัยอย่าง Gemini 3 Flash ช่วยตรวจสอบพฤติกรรมอันตรายของส่วนเสริม Skills โดยไม่ต้องพึ่งพารูปแบบวิธีเดิม การวิเคราะห์แบบนี้ช่วยให้ผู้ดูแลระบบและผู้ใช้สามารถตรวจจับภัยคุกคามได้ทันทีและลดความเสี่ยงได้มากขึ้น สุดท้าย การให้ความรู้แก่ผู้ใช้งานเกี่ยวกับความเสี่ยงของการใช้งาน AI Agent และการติดตั้งส่วนเสริมจากแหล่งที่ไม่น่าเชื่อถือ รวมถึงการอัปเดตซอฟต์แวร์รักษาความปลอดภัยอยู่เสมอ เป็นแนวทางสำคัญที่จะช่วยลดช่องโหว่และป้องกันการถูกโจมตีทางไซเบอร์ได้อย่างมีประสิทธิภาพ

Related posts

A laptop with a cloudy sky wallpaper and a white cup with a red logo. Text overlay reads: 'Free Websites That Saved My GPA AND MY SANITY Sharing So You Don't Struggle Too'.
A laptop screen displays Yahoo search results for 'Quizlet'. An overlay describes Quizlet as a free flashcard tool for memorizing terms, definitions, and formulas, making studying feel like a game.
A laptop screen displays Yahoo search results for 'Unriddle.ai'. An overlay describes Unriddle.ai as a free tool that breaks down notes, articles, or assignments to aid understanding of long readings.
Websites You NEED to Pass Your College Courses
Y’all college is hard enough without trying to figure everything out on your own 😩 So here’s my list of websites that actually helped me pass my classes like, these were in my survival kit. I’m not gatekeeping 🫶🏽 Quizlet When I needed to memorize terms FAST. I used it for flashcards, and the matc
Beauty

Beauty

290 likes

4 In demand Certificates You Need in 2025
Hey Career Girl, I know you want to start off the New Year on the right foot and a certificate is just the thing. Certificates can open the doors to new pathways in the career world that wouldn't have been opened before! Love this type of content? Follow and share! Need Interview P
Lauren|Career Girl

Lauren|Career Girl

164 likes

SIEGEX is all CHEATERS & HACKERS😭
Why is this game full of cheaters and hackers and bugs🤷‍♀️ #siege #rainbowsixsiege #gaming #streamer #foryou
Phasma

Phasma

40 likes

A monitor displays the Martin AI assistant dashboard with sections for to-dos, reminders, calendar, and chat, set on a desk with a keyboard and plant, illustrating the phrase "Say what you need, it gets it done."
The Martin AI assistant dashboard is shown, featuring to-dos, reminders, calendar, inbox, and a chat interface for sending schedules, emphasizing its ability to use voice commands for tasks like texting and setting reminders.
The Martin AI assistant dashboard displays to-dos, reminders, calendar, and an inbox with emails, highlighting its function to remember and track information across various platforms without repetition.
Your to-do list just got a personal manager
You know when you have too many tabs open in your brain? This app is like closing all of them... at once. Martin is your Al assistant that actually works like a real one. Need to text someone, forward notes, set reminders, or manage your day? Just tell Martin. It connects with your inbox,
Reverelia

Reverelia

366 likes

A Fortnite character in a victory pose with a "Victory Royale" banner, overlaid with text "How I Improved My Fortnite Skills" and a "SWIPEZ" arrow, indicating the start of a guide.
Two Fortnite gameplay screenshots comparing graphics settings. The top shows high settings (Shadows ON, View Distance FAR), while the bottom shows low settings (Shadows OFF, View Distance NEAR) for improved visibility.
A Fortnite UI displaying accolades like "TWO TO ONE ODDS" for winning a Duos match solo, and "ONE MAN'S TREASURE" for using legendary weapons, alongside a first-person view of gameplay.
How I Improved My Fortnite Skills In 1 Season
Adjust Your Settings This is optional, your settings may already be perfect for your devices and your gameplay style. However, certain things in the game or your system can sometimes impact your gameplay. Fortnite takes a lot of processing power, so if you can relieve some of the load by adjusting
🌻ChromaGlitch

🌻ChromaGlitch

318 likes

The image shows a keyboard with a fingerprint icon, overlaid with "OUTSMART HACKERS" and "Secrets they don't want you to know," serving as the title for a guide on cybersecurity.
This image explains hackers use software to guess passwords and advises creating long passwords with a random mix of letters, numbers, and symbols to defend against such attacks.
The image warns that hackers try common passwords and advises users to defend themselves by avoiding easy words/phrases and not reusing passwords across different sites.
SECRETS Hackers DON’T Want You to Know!
After hackers got into my Facebook account and completely erased it, I dusted myself off and started a deep dive to understand why and how hackers work. The best way to protect yourself is to outsmart them. Here are 5 secrets Hackers DON'T want you to know! Share this with everyone! #lemon8pa
techgirljen

techgirljen

425 likes

Kalebdavis19

Kalebdavis19

1 like

when ur attorney is on a roll
darkangel1984666

darkangel1984666

1 like

Ban Hackers
Vinicius Jr 🇧🇷 #fcmobile #eafcmobile #fifamobile #fcmobile25 #eafc
manuelofficial_13

manuelofficial_13

1 like

me rocking the shades yesterday at my day group ☺️
Øg Hackers Dèmøn

Øg Hackers Dèmøn

1 like

Meet Psycho X
#gettoknowme #psychox #fallout #jointhepsychosettlers
Santschi’s Comedy

Santschi’s Comedy

2 likes

scammers and hackers beware
Hudson
cercofhell

cercofhell

27 likes

A message to Minecraft hackers…
You should join the server #minecraft #gaming #fyp
BendersMC

BendersMC

13 likes

Don’t Use Airport USB Chargers!
TSA is now advising NOT to use Airport USB Chargers. Bring your own USB charging bricks. "Hackers can install malware at USB ports (we’ve been told that’s called 'juice/port jacking'). So, when you’re at an airport do not plug your phone directly into a USB port. Bring your TSA-compl
Destination & Travel Junkies

Destination & Travel Junkies

152 likes

#yungblud
watch4hackers

watch4hackers

10 likes

A list titled 'Top Cybersecurity GitHub Projects' created by Dan Nanni at study-notes.org, updated 2025/9. It features various GitHub repositories with their star counts and brief descriptions, covering cybersecurity resources, hacking tools, reverse engineering, and pentesting.
Top cybersecurity-related GitHub projects
GitHub is home to many open-source cybersecurity projects, providing security professionals with a rich toolkit for research, defense, and response Here are a list of the most popular #github repositories related to cybersecurity 😎👆 #infosec #informationsecurity #pentest Find a high-
Learn Linux with Dan

Learn Linux with Dan

29 likes

⚠️ The Hidden Dangers of Public Wi-Fi Free Wi-Fi feels convenient, but it can be a trap. Hackers can create what’s called an “evil twin” network—a fake hotspot that looks legitimate. The moment you connect, they can access your data, passwords, banking info, and private messages. Listen
Dannah Eve

Dannah Eve

82 likes

Blue jackets hockey is on the riseeeeeeee
peyton

peyton

1 like

Just An FYI This Is How So Many People are Getting Hacked!!! Plz Don’t Fall For Message Like These!!! it’s A Fake Account!!! #fakeaccount #hackers
MaryBell

MaryBell

2 likes

Website: https://qclawsg.qq.com/ #QClaw #aiassistant #fyp
Terri Thompson

Terri Thompson

0 likes

Amen thanks Father God Jesus Christ God evening word and prayer devil's I rebuke you your childrens Morehouse parish sheriff department officers and Mike Stone Tubbs and hackers and Elon Musk and Donald Trump and Mark Zuckerberg and Randy Tappin and Christopher Thirdkill and IT and their countr
glentrump359

glentrump359

0 likes

The image shows a phone screen displaying a 'Creating...' message with text claiming entities are 'hackers, trackers and child predators.' It includes a person surrounded by swirling energy and mentions Lilith, Satan, and Ra as parasitic beings.
The image displays a list of AI prompt suggestions, including 'Make me best friends with the Grim Reaper drinking boba tea,' which is circled. Below, text questions why befriending the Grim Reaper (Satan) is acceptable.
The image features a person with swirling energy and text stating, 'Can't create videos of prominent figures. Try something else instead.' It questions when Satan, Lilith, and Ra became prominent figures, describing them as disembodied beings preying on teens.
YouTube made Satan/Lilith/Ra (Demon Spirits) Prominent Figures #teen YouTube
I claim my protected emotional, mental, emotional, and digital space. All energetic loosh and currency stays with me, not those who prey upon it. *"I do not give, offer, or forfeit my crown to the dark forces who oppose me."* Those who steal will, with crafted weaved intentions div
Energy Frequency & Magic

Energy Frequency & Magic

0 likes

A smartphone displays a message asking God to unblock it due to hackers. A patterned pad and colorful items are in the hazy background. The image includes Lemon8 branding and a username.
God, please unblock this android, hackers have in
Olga Ledbetter

Olga Ledbetter

37 likes

Amen thanks Father God Jesus Christ God morning word and prayer devil's I rebuke you your childrens Morehouse parish sheriff department officers and Mike Stone Tubbs and hackers and Elon Musk and Donald Trump and Mark Zuckerberg and Randy Tappin and Christopher Thirdkill and IT and their countr
glentrump359

glentrump359

0 likes

Taco Tuesday 🤯 Admin Abuse ⁉️ #stealabrainrot #robloxstealabrainrot #roblox #neoskittles
NeoSkittles

NeoSkittles

6 likes

A man, Veeze, in a red cap and jacket, stands in an urban setting. An overlay features a quote from @VEEZE4Eva about showing off for strangers, stating it's embarrassing to actual friends and family.
A man, Veeze, in a black beanie, sits in a car with stacks of money. An overlay features a quote from @VEEZE4Eva about budgeting, suggesting it leads to savings or car repairs.
A black and white image of a man, Veeze, in a studio, holding a cup to his face near a microphone. An overlay features a quote from @VEEZE4Eva about people hating when you level up.
Wise words from Veeze pt.4 🗣️💯
#veeze #gangerski #veezeworst #quoteoftheday #motivation
Gangerskii 🌊

Gangerskii 🌊

2 likes

SEPT WRAP UP PT 1.
september had me in a CHOKEHOLD y'all 😮‍💨 i read so much i have to break this into TWO PARTS 😂😂 • 47 books read (don't play with me •) • 19 new authors • multiple favorites that little binge had me blowing right past my 200 book goal, so you know i had to bump it up to 250 from messy d
LEXI 💓

LEXI 💓

33 likes

I wanted a real project I could actually show, not just talk about. So I used Atoms ⚛️ Check it out here: https://tinyurl.com/3xzc8xbe It feels like having a whole AI team helping me: 🔍 they do the deep research first 🏁 then Race Mode builds different versions so I can compare 👥 I just pick
emilie.studygram

emilie.studygram

20 likes

These Hackers on Marvel Rivals getting crazy!
#marvelrivals #twitchtv #followme #Hackers #marvelfunny
MisFit Miracles

MisFit Miracles

2 likes

Hackers are using tricks & steal financial info.🌸🍋
SECURITY TIPS: Be careful from hackers they use multiple different types of software and tricks to steal data from computers, cell phones or other devices to steal your data, financial information and personal details. When they hack via computer systems Showing they are from Microsoft Security Ale
Mujahid Bakht

Mujahid Bakht

6 likes

WARZONE HACKERS
Warzone is full hackers and call of duty does not care #warzone #hacker #memesdaily #memes🤣 #gaming
DUSTINMYRQ ™

DUSTINMYRQ ™

5 likes

A list titled 'Top Cybersecurity GitHub Projects' created by Dan Nanni, updated 2026/1. It displays 25 GitHub projects with their star counts, repository names, and brief descriptions, covering tools for hacking, pentesting, reverse engineering, proxies, and security scanning.
Top cybersecurity-related GitHub projects
My top GitHub list for cybersecurity projects is updated for this month 😎👆 Explore top-ranked FOSS projects spanning both the defensive and offensive sides of cybersecurity. Find a high-res pdf book with all my cybersecurity related infographics from https://study-notes.org #cybersecurity
Learn Linux with Dan

Learn Linux with Dan

41 likes

Hackers
How call of duty has me #call of duty #hacker #warzone
Stevie_Wonders

Stevie_Wonders

1 like

TOP 5 HARDEST JOBS AT NORTHROP GRUMMAN
Zona

Zona

3 likes

A black Guest Internet GIS-R10 Internet Hotspot Gateway device is shown with multiple WAN and LAN ports, set against a blurred city night background. It's designed for enterprise-level Wi-Fi hotspots.
🛡️ The GIS-R10 Controller — Enterprise-Level Power
🚀 The perfect hotspot solution for internet speeds of 400 Mbps! Designed for medium to large hospitality businesses like hotels, resorts, campgrounds, RV parks, marinas, and more, the GIS-R10 makes it easy to provide WiFi access as a complimentary service or a paid option. 🏨🌴🚐⚓ ✨ Why business
Guest Internet

Guest Internet

0 likes

Amen thanks Father God Jesus Christ God morning word and prayer devil's I rebuke you your childrens Morehouse parish sheriff department officers and Mike Stone Tubbs and hackers and Elon Musk and Donald Trump and Mark Zuckerberg and Randy Tappin and Christopher Thirdkill and IT and their countr
glentrump359

glentrump359

0 likes

I urge you to go Google this. These Hackers starte
Hollywood

Hollywood

0 likes

A Snapchat interface displaying various story creation options, including 'My Story Just for Friends,' 'Create a Private Story,' and 'My Story Public.' It also highlights 'Snapchat+ New Features' for 'My Pet, Car, and Home and more!' and a 'Spotlight' feature.
Look world on my new Snapchat right now want let anyone see my stories rejecting all of them Elon Musk and Donald Trump and Mark Zuckerberg and Morehouse parish sheriff department officers and Mike Stone Tubbs and hackers everyday all day and night and morning harassing me on all my social media ap
glentrump359

glentrump359

0 likes

Ai in Cybersecurity
Artificial Intelligence isn’t replacing cybersecurity professionals, it’s amplifying them. AI doesn’t sleep. It learns, detects, and defends faster than ever before. This is what modern cybersecurity looks like “intelligence with intuition.” #Cybersecurity #AIinCybersecurity #dataprivacy
Abby❤️💎

Abby❤️💎

0 likes

Look world deactivated all my Instagram accounts cause I was at a 1000 friends to go go live and removing all my legal paperwork and complaints tampering with federal evidence Elon Musk and Donald Trump and Mark Zuckerberg and Morehouse parish sheriff department officers and Mike Stone Tubbs and ha
glentrump359

glentrump359

0 likes

Amen thanks Father God Jesus Christ God morning word and prayer devil's I rebuke you your childrens Morehouse parish sheriff department officers and Mike Stone Tubbs and hackers and Elon Musk and Donald Trump and Mark Zuckerberg and Randy Tappin and Christopher Thirdkill and IT and their countr
glentrump359

glentrump359

0 likes

Hackers Dream
🕶 Digital Survival Duo "What if the real threat wasn’t in the email… but hidden in the vacation photo you just opened?" Remote Access Terminal (R.A.T.) and Image Hunter are not theory — they’re step-by-step, copy-paste-ready manuals with real, verifiable code. Learn exactly how attackers
Dark Meta

Dark Meta

11 likes

Amen thanks Father God Jesus Christ God morning word and prayer devil's I rebuke you your childrens Morehouse parish sheriff department officers and Mike Stone Tubbs and hackers and Elon Musk and Donald Trump and Mark Zuckerberg and Randy Tappin and Christopher Thirdkill and IT and their countr
glentrump359

glentrump359

0 likes

Bigfoot Super Hackers.
#manthoughts #hackers #laughoutloud #bigfootvlog #lifetips
Alien Hayes

Alien Hayes

13 likes

A 3D printed Baymax figure, made from rose gold/orange silky PLA, stands on a dark surface. It features black eyes and a shiny gold heart on its chest, showcasing a textured, knit-like appearance.
Baymax 3D Print!
Just a little colorful Baymax I printed for my wife. I used Matterhackers silky rose gold PLA for the body. #3dprinting #fyp #foryoupage #disney @
PrintsWithChris

PrintsWithChris

3 likes

Look world I just made this new Facebook account a minute ago Morehouse parish sheriff department officers and Mike Stone Tubbs and hackers and Elon Musk and Donald Trump and Mark Zuckerberg just locked and suspended it cause I'm sharing my legal paperwork and federal complaints I'm filling
glentrump359

glentrump359

0 likes

BIG Holiday Costco Shop & Haul | Anchorage, Alaska
vanditsv

vanditsv

2 likes

A dark, snowy scene with bare tree branches and a building, featuring a black ornate frame with white text: 'Books being released in October that you need to read.' The Lemon8 logo is at the bottom.
The cover for 'Alchemy of Secrets' by Stephanie Garber, a Romantasy novel releasing October 7th, shows a woman with a glowing drink. The description details a magical world, a Watch Man, and a quest for an ancient object.
The cover for 'The Women of Wild Hill' by Kirsten Miller, a Fantasy novel releasing October 7th, depicts a mystical landscape with a woman's silhouette. The summary mentions powerful witches and a family legacy.
october book releases🍂
are there any new releases you’re excited for?! #booktok #bookstagram #readeroflemon8 #october #bookrelease
✰ ꜱᴋʏᴇ ☾

✰ ꜱᴋʏᴇ ☾

28 likes

The book cover for 'On the Edge of Trust' by Patricia Bradley is displayed, featuring a woman's face and a colorful landscape. It's a Logan Point Novel by a USA Today Bestselling Author. The book is surrounded by blue and green glass marbles and a dark blue artificial flower.
My Security Blanket Needed a Security Detail 😮‍💨
📚Book Review…On the Edge of Trust by Patricia Bradley As someone who loves romantic suspense with actual stakes, this book hit all the right nerves. Scott, the wounded FBI undercover agent determined to retrain himself one-handed, immediately stole my attention and my sympathy. The man is stubbo
The Page Ladies Book Club

The Page Ladies Book Club

1 like

Hackers suck
Fastcarracer36

Fastcarracer36

7 likes

See more