National Internet Emergency Center: Risk Warning on the Secure Use of OpenClaw


Recently, OpenClaw (also known as “Lobster,” formerly Clawdbot, Moltbot) has seen a surge in downloads and usage, with major domestic cloud platforms offering one-click deployment services. This intelligent agent software directly controls the computer to carry out operations based on natural language commands. To enable “autonomous task execution,” the application is granted high system privileges, including accessing the local file system, reading environment variables, calling external service APIs, and installing extensions. However, because its default security configuration is extremely weak, attackers can easily gain full control of the system once they find a point of entry.

Improper installation and use of OpenClaw have already given rise to serious security risks:

1. “Prompt Injection” Risk. Attackers can embed hidden malicious instructions in a web page and induce OpenClaw to read it, potentially leading to leakage of the user’s system keys.

2. “Misoperation” Risk. Because it may misinterpret user commands and intentions, OpenClaw may delete important information such as emails and core production data.

3. Plugin (skills) Poisoning Risk. Several plugins compatible with OpenClaw have been identified as malicious or as posing potential security risks. Once installed, they can perform malicious operations such as stealing keys or deploying trojan backdoors, turning devices into “zombies.”

4. Security Vulnerability Risks. To date, multiple high and critical severity vulnerabilities in OpenClaw have been publicly disclosed. If exploited by attackers, they could lead to system takeover, privacy breaches, and sensitive data leaks. For individual users, this may result in theft of private data (photos, documents, chat logs), payment accounts, API keys, and other sensitive information. For critical industries such as finance and energy, it could lead to leaks of core business data, trade secrets, and code repositories, or even cause entire business systems to crash, resulting in immeasurable losses.

It is recommended that relevant organizations and individual users take the following security measures when deploying and using OpenClaw:

1. Strengthen network controls: do not expose OpenClaw’s default management ports directly to the internet, and use authentication, access control, and other security measures to manage access to the service. Strictly isolate the runtime environment, using containerization or similar technologies to limit OpenClaw’s high privileges.

2. Strengthen credential management: avoid storing keys in plaintext in environment variables, and establish comprehensive operation log auditing mechanisms.

3. Strictly manage plugin sources: disable automatic updates, and only install signed extensions from trusted channels.

4. Continuously monitor patches and security updates, and promptly upgrade versions and install security patches.

Source: National Internet Emergency Center (CNCERT)
