The post Malicious OpenClaw Plugins Target Crypto Traders, Bitget Urges Immediate Key Resets appeared on BitcoinEthereumNews.com.

Bitget warned users this week after its security team discovered malicious plugins on ClawHub, the community repository for the AI assistant OpenClaw. The exchange said the entries were disguised as helpful “skills” but in several cases prompted people to paste terminal commands or to download utilities that quietly installed malware designed to steal account credentials, API keys and wallet data. The mechanics are simple and effective. A skill will walk a user through a short setup and ask them to run a single obfuscated command; that command fetches and executes a remote script, which then scours the machine for browser sessions, saved keys and other secrets. In a number of reported cases, a malicious skill briefly appeared on ClawHub’s front page, raising the chance that nontechnical users would follow instructions without realizing the risk. Security teams that have been scanning the marketplace say the scale is alarming. Audits of thousands of skills turned up well over three hundred entries that behave maliciously, with many delivering information-stealing payloads such as variants of Atomic Stealer and related trojans. Those findings have framed the incident as a coordinated supply-chain poisoning campaign rather than a handful of accidental bad uploads. From Convenience to Compromise Analysts say attackers relied heavily on social engineering, publishing skills that posed as crypto trading helpers or wallet utilities and instructing users to perform setup steps that seemed routine. In several incidents, skills uploaded within a window tricked users by mimicking legitimate tools, a technique that helped the malware spread before defenders removed the listings. Part of the problem is the platform’s power. OpenClaw runs locally and can legitimately execute shell commands, read files and interact with networks on behalf of its user; that capability makes useful automations possible but also gives a malicious skill direct access to sensitive data.…

---

Filed under: News - @ February 12, 2026 4:12 am