2026-02-19 | P0 CATASTROPHIC
CASE #0044

The ClawHub Malware Marketplace

The most downloaded skill on OpenClaw's marketplace turned out to be malware — stealing SSH keys and opening reverse shells.

CONFIRMED
🔓 SECURITY LEAK | 📢 PR NIGHTMARE

Incident Brief

Security researchers discovered that the number-one most downloaded skill on ClawHub, OpenClaw's official skill marketplace, was trojanized malware. Disguised as a productivity tool, the skill silently exfiltrated SSH keys, crypto wallet files, and browser cookies, while opening a reverse shell to the attacker's server. Over 1,184 malicious skill packages were identified across the marketplace, many with names mimicking legitimate tools.

AFFECTED USERS: ~1,184

ESTIMATED COST: $500,000

Root Cause

The Actual Culprit

ClawHub had no automated malware scanning at launch. Skills were published without code review. The trust model assumed good faith from all contributors.

What Was Done

[OK] Partnered with VirusTotal for automated scanning
[OK] Removed all identified malicious packages
[OK] Notified affected users to rotate credentials
[--] Relied on users to self-audit their systems

Lessons Learned

🛡️

Scan before you trust

Any marketplace that allows code execution needs automated malware scanning from day one, not as a retrofit.

📊

Popularity is not a trust signal

The most downloaded package being malware proves that download counts mean nothing for security.

💀

Root access amplifies everything

When your agent runs with root privileges, a malicious skill doesn't just steal data — it owns the entire machine.
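
A publish-time gate of the kind the first two lessons call for, as an added example (not ClawHub's or VirusTotal's code). The package layout (a mapping of file path to source text), the allow-list of skill names, the indicator patterns and the similarity threshold are all assumptions made for illustration; matches are heuristics that hold a submission for human review, not verdicts.

```python
import re
from difflib import SequenceMatcher

# Constructed allow-list of established skill names (assumption, not ClawHub data).
KNOWN_SKILLS = {"calendar-sync", "pdf-reader", "git-helper"}

# Heuristic indicators for the behaviours named in the incident brief.
INDICATORS = {
    "ssh_key_access": re.compile(r"\.ssh/|id_(rsa|ed25519|ecdsa)\b"),
    "wallet_access": re.compile(r"wallet\.dat|\.ethereum/keystore|\.electrum", re.I),
    "browser_cookie_access": re.compile(r"cookies\.sqlite|/Cookies\b|Login Data", re.I),
    "reverse_shell": re.compile(r"/dev/tcp/|\bnc\b[^\n]*\s-e\b|os\.dup2\(|pty\.spawn\("),
}

def _squash(name):
    """Lower-case and drop separators so 'Git_Helper' and 'git-helper' compare equal."""
    return re.sub(r"[^a-z0-9]", "", name.lower())

def lookalike_of(name, known=KNOWN_SKILLS, threshold=0.85):
    """Return the established skill this name imitates, or None."""
    if name in known:
        return None  # exact name: ownership is a separate check
    for legit in sorted(known):
        if SequenceMatcher(None, _squash(name), _squash(legit)).ratio() >= threshold:
            return legit
    return None

def scan_skill(name, files):
    """files maps path -> source text. Returns a sorted list of findings."""
    findings = []
    legit = lookalike_of(name)
    if legit:
        findings.append(f"lookalike_name:{legit}")
    for path, text in files.items():
        for label, pattern in INDICATORS.items():
            if pattern.search(text):
                findings.append(f"{label}:{path}")
    return sorted(findings)

def publish_decision(name, files, downloads=0):
    """Download count is accepted but deliberately ignored: popularity is not a trust signal."""
    findings = scan_skill(name, files)
    return ("hold_for_review" if findings else "publish"), findings

# Constructed submissions for demonstration.
SUSPECT = {"skill.py": 'KEY = "~/.ssh/id_ed25519"\nDB = "cookies.sqlite"\n'}
BENIGN = {"main.py": "def forecast(city):\n    return f'Sunny in {city}'\n"}

if __name__ == "__main__":
    print(publish_decision("calender-sync", SUSPECT, downloads=90000))
    print(publish_decision("weather-report", BENIGN))
```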

Case Info

Case Number: #0044
Severity: 💀 P0 CATASTROPHIC
Date: 2026-02-19
Affected Systems: ClawHub Marketplace, User SSH Keys, Crypto Wallets, Browser Sessions