OpenClaw Attack: 1,100 Malicious Plugins Expose 135,000 Users to Crypto Theft

Edgen Crypto

·Feb 20 2026, 04:02

Share to

Share to

Copy link

Key Takeaways

A massive supply chain attack has compromised the OpenClaw plugin marketplace, ClawHub, with security researchers discovering over a thousand malicious plugins. The attack specifically targets sensitive user data, including cryptocurrency wallets, creating a direct risk of financial theft for a large user base.

Massive Infiltration: Researchers identified 1,184 malicious "skills" on ClawHub, with a single attacker responsible for uploading 677 of them.
High-Value Targets: The plugins are designed to steal sensitive data including cryptocurrency wallets, private SSH keys, and browser passwords.
Widespread Exposure: Over 135,000 publicly exposed OpenClaw instances are vulnerable to the attack, signaling a significant security failure.

Researchers Uncover Over 1,100 Malicious Plugins

Security researchers have identified a major supply chain attack targeting OpenClaw's ClawHub, a marketplace for AI agent plugins. The investigation uncovered 1,184 malicious packages, referred to as "skills," designed to compromise user systems. A single threat actor was responsible for uploading 677 of these malicious plugins, indicating a coordinated and large-scale campaign to infiltrate the OpenClaw ecosystem.

Over 135,000 Instances Exposed to Asset Theft

The attack places more than 135,000 publicly exposed OpenClaw instances at direct risk of data exfiltration. The malicious skills are engineered to steal highly sensitive user information, including private SSH keys, cryptocurrency wallet files, and stored browser passwords. This creates a significant threat of direct financial loss for affected users, as compromised crypto wallets could be drained of their digital assets.

Attack Triggers Scrutiny of AI Plugin Security

This incident is expected to severely damage user trust in the OpenClaw platform and its ClawHub marketplace. Beyond the immediate platform, the attack highlights a systemic vulnerability within the rapidly growing ecosystem of AI agents and their third-party plugin marketplaces. The event will likely force a broader industry review of security vetting processes for plugins, as platforms rush to prevent similar supply chain attacks that could undermine the adoption of AI agent technology.