{"id":95213,"date":"2026-03-13T17:40:06","date_gmt":"2026-03-13T14:40:06","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=95213"},"modified":"2026-03-13T17:45:30","modified_gmt":"2026-03-13T14:45:30","slug":"chinas-cyber-centre-warns-of-openclaw-risks-amidst-national-surge","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/chinas-cyber-centre-warns-of-openclaw-risks-amidst-national-surge\/","title":{"rendered":"China&#8217;s Cyber Centre Warns of OpenClaw Risks Amidst National Surge"},"content":{"rendered":"<p>Amidst the rapid rise in popularity of the OpenClaw service, China&#8217;s National Computer Network Emergency Response Technical Team (CNCERT\/CC) <a href=\"https:\/\/mp.weixin.qq.com\/s\/4Ds8wa_iSgSvnNwH2DfaDw\">issued a warning<\/a> about associated threats.<\/p>\n<p>The agency stated that the software for deploying AI agents has extremely weak security settings by default.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cIf a malicious actor finds an entry point, they can easily gain control over the system,\u201d the statement said.<\/p>\n<\/blockquote>\n<p>CNCERT\/CC highlighted several major issues:<\/p>\n<ul class=\"wp-block-list\">\n<li>prompt injections: hackers can embed hidden instructions on web pages. When read, the AI agent risks exposing the user&#8217;s system keys;<\/li>\n<li>likelihood of erroneous actions \u2014 due to misinterpretation of commands and user intentions, OpenClaw might delete important data, communications, or production databases;<\/li>\n<li>risk of infection through plugins \u2014 after installation, third-party extensions can steal keys, install trojans, and backdoors;<\/li>\n<li>presence of vulnerabilities \u2014 several medium and high-severity flaws have already been identified in OpenClaw. Their exploitation could lead to system takeover and large-scale information leaks.<\/li>\n<\/ul>\n<p>Agency representatives emphasized that ordinary users might face theft of personal information, payment accounts, or <span data-descr=\"application programming interface\" class=\"old_tooltip\">API<\/span> keys. For critical sectors like finance and energy, the consequences could be far more severe.<\/p>\n<h2 class=\"wp-block-heading\">Security Recommendations<\/h2>\n<p>CNCERT\/CC experts provided recommendations for organizations and ordinary users on installing OpenClaw:<\/p>\n<ul class=\"wp-block-list\">\n<li>strengthening network control: management ports should not be directly accessible from the internet. Authentication, access control, and strict isolation of the execution environment are necessary;<\/li>\n<li>improving credential management: do not store keys in plain text and implement an audit system for actions and logs;<\/li>\n<li>strict plugin control \u2014 disable automatic updates and install extensions only from trusted sources;<\/li>\n<li>monitoring security updates.<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\">Chinese Hype<\/h2>\n<p>The country is witnessing unprecedented interest in OpenClaw \u2014 citizens <a href=\"https:\/\/forklog.com\/en\/news\/china-embraces-openclaw-as-ai-agents-gain-popularity\">queue up<\/a> for help in installing the software. Chinese IT companies are competing to provide services based on the solution, and educational events are being held across China to promote the adoption of the technology.<\/p>\n<p>Afra Wang, a journalist covering the local AI sector, attended one such event and confirmed the enormous interest in the software: organizers even had to limit the number of participants due to a lack of space.<\/p>\n<p>Major corporations are quickly responding to the trend. Alibaba <a href=\"https:\/\/copaw.bot\/\">released<\/a> a system for configuring AI agents called CoPaw, which works with messengers and third-party models. On March 13, the company <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2026-03-13\/alibaba-debuts-openclaw-app-to-feed-china-s-agentic-ai-addiction?srnd=phx-technology\">introduced<\/a> the JVS Claw app for iOS and Android \u2014 it allows users without programming skills to install OpenClaw on their smartphones. Baidu <a href=\"https:\/\/mp.weixin.qq.com\/s\/0zzSHy9xGS2KlvXEu8CS4g\">released<\/a> a similar service for Android.<\/p>\n<p>Bloomberg <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2026-03-12\/openclaw-frenzy-drives-china-s-agentic-ai-adoption-raises-security-concerns\">added<\/a> that the wave of enthusiasm has swept across various segments of the population \u2014 from students to retirees. The hype has generated a stream of compatible products, potentially positioning the country at the forefront of agentic AI.<\/p>\n<p>Local authorities are also financially supporting the new direction. In the Longgang district (Shenzhen), developers and businesses are offered substantial subsidies for implementing AI agents. Companies can receive up to 2 million yuan ($300,000) for developing new \u201cskills\u201d for the agent, vouchers covering 40% of the cost of implementing a \u201cdigital employee,\u201d a 30% discount on equipment, and up to 10 million yuan ($1.5 million) in investments.<\/p>\n<p>Startups are offered two months of free housing rent, an 18-month office discount, and three months of free computing power.<\/p>\n<p>The popularity of OpenClaw has led to a rally in the Chinese stock market \u2014 since the beginning of March, the total capitalization of relevant Chinese companies has increased by more than $100 billion, Bloomberg noted.<\/p>\n<h2 class=\"wp-block-heading\">Restrictions for the Public Sector<\/h2>\n<p>Amidst the sharp rise in OpenClaw&#8217;s popularity and the notice of its potential risks, Chinese authorities <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2026-03-11\/china-moves-to-limit-use-of-openclaw-ai-at-banks-government-agencies\">began restricting<\/a> the use of applications based on the software on work computers in state-owned companies and institutions.<\/p>\n<p>Bloomberg found that government bodies and enterprises have been instructed not to install OpenClaw on work devices for security reasons.<\/p>\n<p>The ban also extends to military families.<\/p>\n<p>Back in February, OpenClaw <a href=\"https:\/\/forklog.com\/en\/news\/openclaw-ai-agent-runs-amok-deletes-meta-researchers-emails\">deleted<\/a> a Meta researcher&#8217;s email, despite commands not to do so.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Amidst the rapid rise in popularity of the OpenClaw service, China&#8217;s National Computer Network Emergency Response Technical Team warned about associated threats.<\/p>\n","protected":false},"author":1,"featured_media":95214,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"China's cyber centre warns of OpenClaw risks amid national surge.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1751,438,133,1111],"class_list":["post-95213","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-ai-agents","tag-artificial-intelligence","tag-china","tag-cybersecurity"],"aioseo_notices":[],"amp_enabled":true,"views":"233","promo_type":"1","layout_type":"1","short_excerpt":"China's cyber centre warns of OpenClaw risks amid national surge.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/95213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=95213"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/95213\/revisions"}],"predecessor-version":[{"id":95215,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/95213\/revisions\/95215"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/95214"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=95213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=95213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=95213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}