National Internet Emergency Center Releases OpenClaw Security Application Risk Warning

Recently, OpenClaw (“Lobster”, formerly known as Clawdbot, Moltbot) has experienced a surge in application downloads and usage, with major domestic cloud platforms offering one-click deployment services. This intelligent software directly controls the computer based on natural language commands to perform related operations. To enable “autonomous task execution,” the application has been granted high system privileges, including access to local file systems, reading environment variables, calling external service APIs, and installing extensions. However, due to its default security configuration being extremely weak, attackers can easily gain full control of the system once they find a breach.

Initially, improper installation and use of OpenClaw have already posed serious security risks:

1. “Prompt injection” risk. Attackers can craft hidden malicious instructions on web pages to trick OpenClaw into reading the page, potentially leading to the leakage of user system keys.

2. “Misoperation” risk. Due to misinterpretation of user commands and intentions, OpenClaw may completely delete important information such as emails and core production data.

3. Plugin (skills) poisoning risk. Several plugins compatible with OpenClaw have been identified as malicious or pose potential security risks. Once installed, they can perform malicious operations such as stealing keys and deploying Trojan backdoors, turning devices into “zombies.”

4. Security vulnerability risk. To date, multiple high and critical severity vulnerabilities have been publicly disclosed in OpenClaw. If maliciously exploited by cyber attackers, they could lead to system control, privacy breaches, and sensitive data leaks. For individual users, this could result in theft of private data (photos, documents, chat logs), payment accounts, API keys, and other sensitive information. For critical industries like finance and energy, it could lead to leaks of core business data, trade secrets, and code repositories, or even cause entire business systems to crash, resulting in immeasurable losses.

It is recommended that relevant organizations and individual users take the following security measures when deploying and using OpenClaw:

1. Strengthen network controls by not exposing OpenClaw’s default management ports directly to the internet. Use authentication, access control, and other security measures to manage access securely. Isolate the operating environment strictly, using containerization and other technologies to limit OpenClaw’s high privileges.

2. Enhance credential management by avoiding plaintext storage of keys in environment variables; establish comprehensive operation log auditing mechanisms.

3. Strictly manage plugin sources, disable automatic updates, and only install signed extensions from trusted channels.

4. Continuously monitor patches and security updates, and promptly update versions and install security patches.

(Source: National Internet Emergency Center)