Hackers exploit OpenClaw to spread malware via GitHub - and a little help from Bing

• Cybercriminals exploit OpenClaw’s popularity with fake variants
• Malicious GitHub repos deliver Vidar and GhostSocks malware
• Malvertising campaigns spread tainted installers via Bing

Whenever a new trendy app or software emerges, cybercriminals try to capitalize on it by smuggling tainted, or outright fake, variants. We’ve seen it numerous times before, for example when ChatGPT first came out.

Now, we’re seeing the same with OpenClaw, the open source AI agent platform which grew immensely popular due to its ability to run tasks directly on a computer, such as reading files, sending messages, or running commands. It is currently one of the most popular AI projects, with more than 100,000 stars on GitHub.

However, there are also fake variants on GitHub that deploy various malware families to the victims - and in a new report, security researchers Huntress said the primary payload is Vidar, an infostealer that ...