GhostLoader RAT-stealer via @openclaw-ai/openclawai
Malware Activity
Summary
Hide ▲
Show ▼
A malicious @openclaw-ai/openclawai npm package is delivering GhostLoader to macOS hosts, enabling credential theft, browser-session cloning, and persistent remote access. The package masquerades as an OpenClaw installer and uses a postinstall hook plus a fake iCloud Keychain prompt to harvest the victim's system password. It then retrieves an encrypted second-stage payload from trackpipe[.]dev and runs it in the background with SOCKS5 proxy and remote-command features. Stolen data can include Keychain items, browser cookies, wallets, SSH keys, and cloud credentials, and the malware exfiltrates them through the C2 server, Telegram Bot API, and GoFile.io.
Related Happenings
TonRAT Node.js implant with TON blockchain C2
Malware Activity
H score24
First: 26.06.2026 12:27
Last: 26.06.2026 12:27
Sources 1
About this happening:
**TonRAT** is using a **Node.js implant** to hide command-and-control lookups behind the **TON blockchain API**, increasing the chance that blocking and detection will fail. The a...
TonRAT Node.js implant with TON blockchain C2
Malware ActivityAbout this happening: **TonRAT** is using a **Node.js implant** to hide command-and-control lookups behind the **TON blockchain API**, increasing the chance that blocking and detection will fail. The a...
MacOS.Gaslight prompt-injection technique aimed at AI-assisted triage
Technical Analysis
H score23
First: 24.06.2026 17:00
Last: 24.06.2026 17:00
Sources 1
About this happening:
**macOS.Gaslight** is a **Rust-based macOS implant and information stealer** assessed with high confidence as the work of **North Korea-aligned threat actors**. The sample uses **...
MacOS.Gaslight prompt-injection technique aimed at AI-assisted triage
Technical AnalysisAbout this happening: **macOS.Gaslight** is a **Rust-based macOS implant and information stealer** assessed with high confidence as the work of **North Korea-aligned threat actors**. The sample uses **...
Deps credential stealer in hijacked Arch AUR builds
Malware Activity
H score3
First: 12.06.2026 22:24
Last: 12.06.2026 22:24
Sources 1
About this happening:
**Atomic Arch** is a **malware activity** that hijacked **more than 400 Arch User Repository (AUR) packages** on or after **June 11** and rewrote their build scripts to run **npm...
Deps credential stealer in hijacked Arch AUR builds
Malware ActivityAbout this happening: **Atomic Arch** is a **malware activity** that hijacked **more than 400 Arch User Repository (AUR) packages** on or after **June 11** and rewrote their build scripts to run **npm...
AUR package-hijacking campaign delivering atomic-lockfile
Campaign
H score11
First: 12.06.2026 20:03
Last: 12.06.2026 20:03
Sources 1
About this happening:
**AUR package-hijacking campaign** is abusing **more than 400** compromised **Arch User Repository (AUR)** packages to deliver **atomic-lockfile**, turning the **AUR** build path...
AUR package-hijacking campaign delivering atomic-lockfile
CampaignAbout this happening: **AUR package-hijacking campaign** is abusing **more than 400** compromised **Arch User Repository (AUR)** packages to deliver **atomic-lockfile**, turning the **AUR** build path...
Atomic-lockfile rootkit-infostealer distribution through AUR packages
Malware Activity
H score3
First: 12.06.2026 20:03
Last: 12.06.2026 20:03
Sources 1
About this happening:
**AUR packages** are distributing the **atomic-lockfile** **Linux rootkit and infostealer** through compromised build scripts, with **more than 400 packages** reported and the **o...
Atomic-lockfile rootkit-infostealer distribution through AUR packages
Malware ActivityAbout this happening: **AUR packages** are distributing the **atomic-lockfile** **Linux rootkit and infostealer** through compromised build scripts, with **more than 400 packages** reported and the **o...
Timeline
-
09.03.2026 20:31 1 articles · 4mo ago
Malicious OpenClaw-themed npm package uploaded
Untyped PhaseThe malicious npm package @openclaw-ai/openclawai was uploaded to the npm registry by the user openclaw-ai on March 3, 2026. The package was built to masquerade as an OpenClaw installer, trigger a postinstall hook, point the executable to scripts/setup.js, and launch a fake installation flow that set up GhostLoader behavior on macOS hosts.
Show sources
- Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials — thehackernews.com — 09.03.2026 20:31
-
09.03.2026 20:31 2 articles · 4mo ago
JFrog analyzes GhostLoader delivery and data theft capabilities
Technical Analysis UpdateJFrog identified @openclaw-ai/openclawai as a malicious OpenClaw impersonator aimed at macOS developers and hosts, designed to steal system credentials, browser data, crypto wallets, SSH keys, Apple Keychain databases, and iMessage history while installing a persistent RAT with remote access capabilities, SOCKS5 proxying, and live browser session cloning. The analysis also tied the second-stage activity to trackpipe[.]dev and described multi-channel exfiltration through the C2 server, Telegram Bot API, and GoFile.io.
Show sources
- Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials — thehackernews.com — 09.03.2026 20:31
- Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials — thehackernews.com — 09.03.2026 20:31