Thursday, April 23, 2026

GhostClaw steals crypto pockets information from devs


A new malware strain dubbed GhostClaw is targeting crypto wallets on macOS machines. Delivered as a fake OpenClaw installer, it captures private keys, wallet access, and other sensitive data once installed.

The fake package was uploaded by a user named 'openclaw-ai' on March 3. It remained on the npm registry for a week and infected 178 developers before it was removed on March 10.

@openclaw-ai/openclawai posed as the legitimate OpenClaw CLI tool but instead ran a multi-stage attack.

The malware collected sensitive data from developers. It extracted crypto wallets, macOS Keychain passwords, cloud credentials, SSH keys, and AI agent configs. Taken together, that data gives the attackers access to the victims' cloud platforms, codebases, and crypto.

GhostClaw scans the clipboard for crypto data every three seconds

The malware polls the clipboard every three seconds to capture crypto data. This includes private keys, seed phrases, public keys, and other sensitive data related to crypto wallets and transactions.

Once the developer runs 'npm install', a hidden install script installs the GhostClaw package globally. The tool then runs an obfuscated setup file on the developer's machine to avoid detection.

A fake OpenClaw CLI installer then appears on screen. It prompts the victim to enter their macOS password through a Keychain-style request. The malware verifies the password using a native system tool. After that, it downloads a second JavaScript payload from a remote C2 server. That payload, called GhostLoader, acts as an information stealer and remote access tool.

Data theft begins once the second payload is downloaded. GhostLoader does the heavy lifting. It scans Chromium-based browsers, the macOS Keychain, and local storage for crypto wallet data. It also monitors the clipboard almost continuously to capture sensitive crypto data.

The malware even clones browser sessions. This gives the attackers direct access to logged-in crypto wallets and related services. It also steals the API tokens that connect developers to AI platforms such as OpenAI and Anthropic.

The stolen data is then sent to the threat actors via Telegram, GoFile, and command-and-control servers. The malware can also run arbitrary commands, deploy additional payloads, and open new remote access channels.

Another malicious campaign riding on OpenClaw's hype has spread on GitHub. The campaign, discovered by researchers at OX Security, contacts developers directly in order to steal crypto.

The attackers open issue threads in GitHub repositories and tag potential victims. They then falsely claim that the selected developers are eligible to receive $5,000 in CLAW tokens.

The messages lead the tagged developers to a fake website that looks exactly like openclaw[.]ai. The phishing site prompts the visitor to connect a crypto wallet, and accepting that request triggers the malicious actions. Linking a wallet to the site can lead to the immediate theft of crypto funds, OX Security researchers warn.

Further analysis of the attack shows that the phishing setup uses a redirect chain to token-claw[.]xyz and a command server at watery-compost[.]today. A JavaScript file containing the malicious code then steals crypto wallet addresses and transaction data and sends them to the attacker.

OX Security found a wallet address tied to the threat actor that may hold the stolen crypto. The malicious code also has features to monitor user actions and to remove data from local storage, which makes detection and analysis harder.

The attackers likely target users who have interacted with OpenClaw-related repositories to increase their chances of crypto theft.

Both attacks rely on social engineering as the entry point to victims' crypto wallets. Users should not link crypto wallets to unknown sites and should be wary of unsolicited token offers on GitHub.
