More than 230 malicious OpenClaw skills were published in under a week on ClawHub and GitHub, impersonating legitimate utilities to deliver info-stealing payloads that target API keys, wallets, credentials, and sensitive files. The campaign uses detailed documentation to trick users into running a malicious โAuthToolโ installer that drops a NovaStealer variant capable of bypassing macOS Gatekeeper, prompting calls for isolation and stricter registry review. #NovaStealer #OpenClaw
Keypoints
- Attackers uploaded over 230 malicious OpenClaw skills to ClawHub and GitHub within days.
- Malicious skills impersonate legitimate tools and include detailed docs instructing users to run a fake โAuthToolโ.
- โAuthToolโ delivers a NovaStealer variant that can bypass macOS Gatekeeper and exfiltrate wallets, API keys, and credentials.
- Researchers from OpenSourceMalware and Koi Security found hundreds of malicious skills and typosquats and provided scanner tools.
- Recommended defenses include isolating OpenClaw in VMs, restricting permissions and ports, and verifying skills before deployment.