
GhostLoader RAT-stealer via @openclaw-ai/openclawai

Malware Activity
Happening score: 22
1 unique source, 1 article

Summary


A malicious npm package, @openclaw-ai/openclawai, delivers GhostLoader to macOS hosts, enabling credential theft, browser-session cloning, and persistent remote access. The package masquerades as an OpenClaw installer; its postinstall hook launches a fake installation flow that presents a spoofed iCloud Keychain prompt to harvest the victim's system password. It then retrieves an encrypted second-stage payload from trackpipe[.]dev and runs it in the background, providing a SOCKS5 proxy and remote command execution. Stolen data can include Keychain items, browser cookies, wallets, SSH keys, and cloud credentials, exfiltrated through the C2 server, the Telegram Bot API, and GoFile.io.

Related Happenings

TrapDoor trap-core.js credential-stealing package malware

Malware Activity
First: 25.05.2026 08:59 · Last: 25.05.2026 08:59 · Sources: 1

About this happening: The **TrapDoor** package malware is spreading across **npm, PyPI, and Crates.io**, putting **developer secrets, cloud credentials, SSH keys, and crypto wallets** at risk. The malw...

TrapDoor cross-ecosystem supply-chain campaign

Campaign
First: 25.05.2026 08:59 · Last: 25.05.2026 08:59 · Sources: 1

About this happening: The **TrapDoor** supply-chain campaign has expanded across **npm, PyPI, and Crates.io**, using **34+ malicious packages** to steal developer secrets and credentials. The operation...

SHub Reaper macOS infostealer variant

Malware Activity
First: 19.05.2026 00:42 · Last: 19.05.2026 00:42 · Sources: 1

About this happening: The **SHub Reaper** macOS infostealer now uses **AppleScript** and a fake **Apple security update** lure to infect Macs, raising the risk of credential theft and remote access. It...

OpenClaw/OpenShell managed sandbox backend Claw Chain (multiple vulnerabilities)

Vulnerability
First: 15.05.2026 16:35 · Last: 15.05.2026 16:35 · Sources: 1

About this happening: Researchers disclosed **four OpenClaw flaws** in the **OpenShell managed sandbox backend** that can be chained for **data theft**, **privilege escalation**, and **persistence**. T...

Node-ipc malicious versions with stealer/backdoor payload

Malware Activity
First: 14.05.2026 20:22 · Last: 14.05.2026 20:22 · Sources: 1

About this happening: Three **node-ipc** releases now carry an **obfuscated stealer/backdoor** that can harvest **developer and cloud secrets** from any system that loads the package. The malicious cod...

Timeline

  1. 09.03.2026 20:31 1 article · 2mo ago

    Malicious OpenClaw-themed npm package uploaded

    Untyped Phase

    The malicious npm package @openclaw-ai/openclawai was uploaded to the npm registry by the user openclaw-ai on March 3, 2026. The package was built to masquerade as an OpenClaw installer: it declares a postinstall hook, points its executable entry at scripts/setup.js, and launches a fake installation flow that sets up GhostLoader on macOS hosts.

  2. 09.03.2026 20:31 2 articles · 2mo ago

    JFrog analyzes GhostLoader delivery and data theft capabilities

    Technical Analysis Update

    JFrog identified @openclaw-ai/openclawai as a malicious OpenClaw impersonator aimed at macOS developers and hosts. It steals system credentials, browser data, crypto wallets, SSH keys, Apple Keychain databases, and iMessage history, and installs a persistent RAT with remote access, SOCKS5 proxying, and live browser-session cloning. The analysis tied the second-stage activity to trackpipe[.]dev and described multi-channel exfiltration through the C2 server, the Telegram Bot API, and GoFile.io.

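The delivery pattern described in the summary and in both timeline entries (an install-time lifecycle hook, a bin entry wired to the same scripts/setup.js, a second stage fetched from trackpipe[.]dev, exfiltration via the Telegram Bot API and GoFile.io) can be checked statically before a package is ever installed. The Node script below is an added example, not code from JFrog, from OpenClaw, or from this site. The package.json and setup.js it audits are constructed to mirror the described pattern and are not the real package's contents; the package name, the severity/verdict policy, and the Telegram and GoFile patterns (generic exfiltration endpoints, not identifiers specific to this campaign) are this example's own assumptions.

```javascript
// Added example: static audit of an extracted npm package for the GhostLoader
// delivery pattern described above. Not the site's or JFrog's code.

// Lifecycle scripts npm runs automatically during `npm install`, with no
// action from the user beyond installing the package.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Network indicators named in the write-up. trackpipe.dev is the reported
// second-stage/C2 host; the Telegram Bot API and GoFile patterns are generic
// exfil endpoints, so a hit there means "look closer", not "this family".
const INDICATORS = [
  { name: "c2-domain", re: /trackpipe\.dev/i },
  { name: "telegram-bot-api", re: /api\.telegram\.org\/bot/i },
  { name: "gofile", re: /gofile\.io/i },
];

// Hook commands that fetch or hand off to another interpreter are the classic
// loader shape. A plain `node some-script.js` is common in benign packages and
// only gets medium severity (assumed policy).
const SUSPICIOUS_HOOK_RE =
  /\b(curl|wget|bash|sh -c|osascript|python3?|eval)\b|\|\s*(sh|bash)\b/i;

const norm = (s) => String(s).replace(/^\.\//, "");

function auditInstallHooks(pkg) {
  const p = pkg || {};
  const scripts = p.scripts || {};
  const bins = typeof p.bin === "string" ? { [p.name || "bin"]: p.bin } : (p.bin || {});
  const binTargets = new Set(Object.values(bins).map(norm));
  const findings = [];
  for (const hook of INSTALL_HOOKS) {
    if (!(hook in scripts)) continue;
    const cmd = String(scripts[hook]);
    findings.push({
      kind: "install-hook", hook, cmd,
      severity: SUSPICIOUS_HOOK_RE.test(cmd) ? "high" : "medium",
    });
    // The same file wired as both the install hook and the CLI entry point:
    // the "installer" runs on install and again on every invocation.
    for (const ref of cmd.match(/[\w@./-]+\.[cm]?js\b/g) || []) {
      if (binTargets.has(norm(ref))) {
        findings.push({ kind: "bin-is-install-script", hook, path: norm(ref), severity: "medium" });
      }
    }
  }
  return findings;
}

function auditFiles(files) {
  const findings = [];
  for (const [path, text] of Object.entries(files || {})) {
    for (const ind of INDICATORS) {
      if (ind.re.test(text)) {
        findings.push({ kind: "indicator", indicator: ind.name, path, severity: "high" });
      }
    }
  }
  return findings;
}

function auditPackage(pkg, files) {
  return [...auditInstallHooks(pkg), ...auditFiles(files)];
}

// Assumed policy: a known indicator or a fetch-and-run hook blocks the package;
// any other install-time hook goes to manual review.
function verdict(findings) {
  if (findings.some((f) => f.severity === "high")) return "block";
  return findings.length ? "review" : "allow";
}

// Constructed sample mirroring the described pattern (fake package name, stand-in
// setup.js body). Not the real package's contents.
const SAMPLE_PKG = {
  name: "@example/fake-installer",
  version: "1.0.0",
  bin: { "fake-installer": "./scripts/setup.js" },
  scripts: { postinstall: "node scripts/setup.js" },
};
const SAMPLE_FILES = {
  "scripts/setup.js": [
    "// stand-in loader body: second stage pulled from the reported C2 host",
    'const STAGE2 = "https://trackpipe.dev/";',
    'const EXFIL = "https://api.telegram.org/bot<token>/";',
  ].join("\n"),
};

// Usage: node audit.js <extracted-package-dir>   (no argument: audits the sample)
if (typeof require !== "undefined" && require.main === module) {
  const dir = process.argv[2];
  let pkg = SAMPLE_PKG, files = SAMPLE_FILES;
  if (dir) {
    const fs = require("node:fs"), path = require("node:path");
    pkg = JSON.parse(fs.readFileSync(path.join(dir, "package.json"), "utf8"));
    files = {};
    const walk = (d) => {
      for (const e of fs.readdirSync(d, { withFileTypes: true })) {
        const full = path.join(d, e.name);
        if (e.isDirectory()) { if (e.name !== "node_modules") walk(full); }
        else if (/\.[cm]?js$/.test(e.name)) files[path.relative(dir, full)] = fs.readFileSync(full, "utf8");
      }
    };
    walk(dir);
  }
  const findings = auditPackage(pkg, files);
  console.log(JSON.stringify({ verdict: verdict(findings), findings }, null, 2));
}
```

Fetch the tarball with `npm pack <name>` and extract it with tar rather than installing it, since any `npm install` runs the very postinstall hook this check is looking for. As a blanket control, `ignore-scripts=true` in .npmrc (or `npm install --ignore-scripts`) stops install-time hooks from running at all; packages that legitimately need them will then fail loudly and can be allow-listed case by case.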