{"id":95776,"date":"2026-03-31T18:30:00","date_gmt":"2026-03-31T15:30:00","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=95776"},"modified":"2026-03-31T18:35:22","modified_gmt":"2026-03-31T15:35:22","slug":"certik-warns-of-cryptocurrency-theft-risks-via-openclaw","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/certik-warns-of-cryptocurrency-theft-risks-via-openclaw\/","title":{"rendered":"CertiK Warns of Cryptocurrency Theft Risks via OpenClaw"},"content":{"rendered":"<p>The widespread use of digital assistants poses critical risks: users become vulnerable to data leaks, hacks, and cryptocurrency theft. This warning comes from specialists at CertiK.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">What happens when an AI agent gets broad access before security catches up?<\/p>\n<p>Our latest report examines OpenClaw\u2019s attack surface, from gateway takeover and identity bypass to prompt injection and supply chain risk. <\/p>\n<p>Read the full report\ud83d\udc47<a href=\"https:\/\/t.co\/x0RfYYic0T\">https:\/\/t.co\/x0RfYYic0T<\/a><\/p>\n<p>\u2014 CertiK (@CertiK) <a href=\"https:\/\/twitter.com\/CertiK\/status\/2038964552444809608?ref_src=twsrc%5Etfw\">March 31, 2026<\/a><\/p><\/blockquote>\n<p>According to them, OpenClaw has become the &#8220;leading vector for global software supply chain attacks.&#8221;<\/p>\n<p>The AI agent acts as a bridge between external data and local execution, &#8220;opening standard channels for attacks.&#8221; One such channel is the interception of the local gateway.<\/p>\n<p>Malicious websites or scripts exploit the assistant&#8217;s presence on a device to steal confidential data or perform unauthorized actions.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/img-e36ea5f5c2ea2cf0-569126421672233.webp\" 
alt=\"image\" class=\"wp-image-277756\"\/><figcaption class=\"wp-element-caption\">OpenClaw architecture. Source: CertiK.<\/figcaption><\/figure>\n<p>Particular danger also comes from OpenClaw plugins and malicious skills, which can be installed from local sources or marketplaces.<\/p>\n<p>Unlike traditional viruses, they can manipulate the agent&#8217;s behavior through natural language, making them resistant to ordinary scanning. Once launched, such software can extract sensitive information, including cryptocurrency wallet credentials.<\/p>\n<p>CertiK emphasized that infected components hide within legitimate codebases and download seemingly ordinary URLs. These links ultimately deliver shell commands or malicious scripts.<\/p>\n<h2 class=\"wp-block-heading\">Extensive Network and Recommendations<\/h2>\n<p>Malefactors have deliberately placed malicious skills in various high-value categories: utilities for Phantom, address trackers, tools for finding &#8220;insider&#8221; wallets, Polymarket tools, and Google Workspace integrations.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>&#8220;They have covered an incredibly wide range of the crypto ecosystem, targeting mass infection of browser extension wallets: MetaMask, Phantom, Trust Wallet, Coinbase Wallet, OKX Wallet, and many others,&#8221; the experts added.<\/em><\/p>\n<\/blockquote>\n<p>Researchers also noted that the fraudsters&#8217; actions resemble familiar methods in the digital asset sector. These include social engineering, deception through fake utilities, credential theft, and phishing.<\/p>\n<p>CertiK advised ordinary users\u2014not security experts, developers, or geeks\u2014not to install OpenClaw and to wait for &#8220;more mature, secure, and manageable versions.&#8221;<\/p>\n<h2 class=\"wp-block-heading\">OpenClaw Issues<\/h2>\n<p>OpenClaw emerged as a byproduct of Clawdbot, launched in November 2025. 
The project quickly gained popularity among developers and users. The number of stars on GitHub exceeded 340,000.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/img-48b74b109fde150e-569240412226367.webp\" alt=\"Screenshot 2026-03-31 at 17.38.35\" class=\"wp-image-277757\"\/><figcaption class=\"wp-element-caption\">Source: <a href=\"https:\/\/github.com\/search?q=openclaw&#038;type=repositories\">GitHub<\/a>. <\/figcaption><\/figure>\n<p>In March, a wave of excitement over the AI agent swept China: nearly 1,000 people <a href=\"https:\/\/forklog.com\/en\/news\/china-embraces-openclaw-as-ai-agents-gain-popularity\">lined up<\/a> at Tencent headquarters to install OpenClaw on their computers. However, the country&#8217;s Cyber Center soon <a href=\"https:\/\/forklog.com\/en\/news\/chinas-cyber-centre-warns-of-openclaw-risks-amidst-national-surge\">warned<\/a> of the platform&#8217;s associated risks, leading to the emergence of a paid service for removing the AI agent in China.<\/p>\n<p>Many independent experts also raised questions about the software&#8217;s security. 
Just weeks after its release, Bitsight specialists discovered 30,000 versions of OpenClaw available for free.<\/p>\n<p>SecurityScorecard researchers found 135,000 copies in 82 countries, of which 15,200 were vulnerable to remote code execution, CertiK noted.<\/p>\n<p>The digital assistant has become &#8220;the most scrutinized platform in terms of security.&#8221; The project has accumulated over 280 GitHub Security Advisories, 100 vulnerabilities (CVE), and &#8220;a series of ecosystem-level attacks.&#8221;<\/p>\n<p>Back in March, the cybersecurity company OX Security had already <a href=\"https:\/\/forklog.com\/en\/news\/openclaw-hype-triggers-phishing-attacks-on-crypto-wallets\">reported<\/a> that malefactors were exploiting OpenClaw&#8217;s popularity to conduct phishing campaigns and steal cryptocurrencies from developers.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Users of AI agents like OpenClaw are vulnerable to data leaks, hacks, and cryptocurrency theft, CertiK warned.<\/p>\n","protected":false},"author":1,"featured_media":95777,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"AI agents like OpenClaw pose risks of data leaks and crypto theft, CertiK warns.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1204,1111,2437],"class_list":["post-95776","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-certik","tag-cybersecurity","tag-openclaw"],"aioseo_notices":[],"amp_enabled":true,"views":"71","promo_type":"1","layout_type":"1","short_excerpt":"AI agents like OpenClaw pose risks of data leaks and crypto theft, CertiK 
warns.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/95776","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=95776"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/95776\/revisions"}],"predecessor-version":[{"id":95778,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/95776\/revisions\/95778"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/95777"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=95776"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=95776"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=95776"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}