ClawHub malicious skills deliver Atomic Stealer
Malware Activity
Summary
Hide ▲
Show ▼
Researchers found malicious skills on ClawHub delivering a new Atomic Stealer variant to macOS users, turning the OpenClaw skills marketplace into a malware delivery path. The chain hides behind a normal-looking SKILL.md file and a prerequisite install step, then pulls instructions from openclawcli.vercel[.]app to download the stealer from 91.92.242.30. That makes unvetted skills a practical route for credential theft and downstream account compromise.
Related Happenings
OpenClaw/OpenShell managed sandbox backend Claw Chain (multiple vulnerabilities)
Vulnerability
First: 15.05.2026 16:35
Last: 15.05.2026 16:35
Sources 1
About this happening:
Researchers disclosed **four OpenClaw flaws** in the **OpenShell managed sandbox backend** that can be chained for **data theft**, **privilege escalation**, and **persistence**. T...
OpenClaw/OpenShell managed sandbox backend Claw Chain (multiple vulnerabilities)
VulnerabilityAbout this happening: Researchers disclosed **four OpenClaw flaws** in the **OpenShell managed sandbox backend** that can be chained for **data theft**, **privilege escalation**, and **persistence**. T...
OpenClaw 2026.4.22 security patch release for Claw Chain flaws
Security Patch Release
First: 15.05.2026 16:35
Last: 15.05.2026 16:35
Sources 1
About this happening:
OpenClaw released **version 2026.4.22** to fix **four CVE-backed vulnerabilities** in **OpenShell's managed sandbox backend** that could be chained for **data theft**, **privilege...
OpenClaw 2026.4.22 security patch release for Claw Chain flaws
Security Patch ReleaseAbout this happening: OpenClaw released **version 2026.4.22** to fix **four CVE-backed vulnerabilities** in **OpenShell's managed sandbox backend** that could be chained for **data theft**, **privilege...
MacSync macOS infostealer with dynamic AppleScript and in-memory execution
Malware Activity
First: 16.03.2026 13:41
Last: 16.03.2026 13:41
Sources 1
About this happening:
The **MacSync** macOS infostealer now uses **dynamic AppleScript payloads** and **in-memory execution** to reduce static detection and complicate response. It is being delivered t...
MacSync macOS infostealer with dynamic AppleScript and in-memory execution
Malware ActivityAbout this happening: The **MacSync** macOS infostealer now uses **dynamic AppleScript payloads** and **in-memory execution** to reduce static detection and complicate response. It is being delivered t...
Latest development: 10.05.2026 20:52
A MacSync macOS infostealer campaign is abusing Google Ads and legitimate Claude.ai shared chats to lure users searching for "Claude mac download" into following Terminal instructions that download and run malware on their Mac. One observed variant uses polymorphic delivery, checks for Russian or CIS-region keyboard input sources and sends a cis_blocked ping before exiting, then profiles the victim with external IP address, hostname, OS version, and keyboard locale before using osascript to run a second-stage payload; another variant skips profiling and exfiltrates browser credentials, cookies, and macOS Keychain contents.
ClickFix MacSync social-engineering campaign targeting macOS users
Campaign
First: 16.03.2026 13:41
Last: 16.03.2026 13:41
Sources 1
About this happening:
A **ClickFix** campaign is using **fake Cloudflare CAPTCHA verification challenges**, **embedded video tutorials**, and **automatic OS detection** to trick victims into pasting an...
ClickFix MacSync social-engineering campaign targeting macOS users
CampaignAbout this happening: A **ClickFix** campaign is using **fake Cloudflare CAPTCHA verification challenges**, **embedded video tutorials**, and **automatic OS detection** to trick victims into pasting an...
OpenClaw hardening guidance (CNCERT)
Advisory/Mitigation
First: 14.03.2026 18:17
Last: 14.03.2026 18:17
Sources 1
About this happening:
China's **CNCERT** issued mitigation guidance for **OpenClaw**, warning that weak defaults and privileged access could let attackers seize endpoints, leak data, or trigger destruc...
OpenClaw hardening guidance (CNCERT)
Advisory/MitigationAbout this happening: China's **CNCERT** issued mitigation guidance for **OpenClaw**, warning that weak defaults and privileged access could let attackers seize endpoints, leak data, or trigger destruc...
Timeline
-
28.02.2026 19:21 2 articles · 2mo ago
ClawHub malicious skills deliver Atomic Stealer
Technical Analysis UpdateMalicious OpenClaw skills uploaded to ClawHub were used to deliver a new variant of Atomic Stealer to macOS users. The infection chain begins with a normal-looking SKILL.md that installs a prerequisite, then follows instructions hosted on openclawcli.vercel[.]app to download the payload from 91.92.242[.]30 and run it, turning the skills marketplace into a supply-chain path for credential theft.
Show sources
- ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket — thehackernews.com — 28.02.2026 19:21
- ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket — thehackernews.com — 28.02.2026 19:21