OpenClaw’s popularity was weaponized by attackers who posted fake “OpenClaw Windows” installers on GitHub and leveraged Bing AI suggestions to drive users to malicious repositories that delivered information stealers and the GhostSocks proxy. Huntress researchers found Vidar (cloudvideo.exe), GhostSocks (serverdrive.exe), and a new “stealth packer” used to run loaders and in-memory payloads, and the malicious accounts and repos have been removed. #OpenClaw #GhostSocks
Key points
- Attackers created fake GitHub repositories like openclaw-installer and used Bing AI search suggestions to push malicious installers for “OpenClaw Windows”.
- The malicious release hid OpenClaw_x64.exe inside a 7-Zip archive and, when run, dropped multiple loaders and payloads onto the endpoint.
- Observed payloads included Vidar (cloudvideo.exe) to steal Telegram and Steam credentials and GhostSocks (serverdrive.exe) to turn hosts into TLS residential proxies.
- Researchers identified a previously unseen “stealth packer” that enables in-memory execution, adds firewall rules, creates hidden scheduled tasks, and performs anti-VM checks.
- Huntress reported the repos to GitHub; users should run AI agents in isolated environments, restrict agent access, and avoid assigning privileged credentials.
Read More: https://www.theregister.com/2026/03/04/fake_openclaw_installers_malware/