Infostealer Malware Steals OpenClaw AI Identity and Memory Files Exposed


Malware Targets Personal AI Identity Files

A recent discovery by Hudson Rock researchers has shed light on a disturbing trend in malware behavior, where attackers are now targeting personal AI identity files. In a live infection case, an infostealer successfully exfiltrated a victim’s entire OpenClaw configuration, highlighting the vulnerability of these AI systems.

The Attack

The malware, which used a broad routine to sweep the computer for sensitive folders, stumbled upon a folder named “.openclaw” and seized the opportunity to capture the user’s digital life. This directory belonged to an AI system called OpenClaw, which stores a vast amount of personal context to provide helpful assistance.

The attackers managed to retrieve the victim’s redacted address and specific workspace path, providing a direct map of where the victim stores their most sensitive digital work. Three vital files were stolen: openclaw.json, device.json, and soul.md. The openclaw.json file contained the victim’s Gmail address and a Gateway Token, which could allow a stranger to control the AI remotely.

The device.json file, on the other hand, contained the privateKeyPem, enabling a hacker to sign messages as if they were the victim’s own device, bypassing almost all safety checks. The soul.md file, along with others like MEMORY.md, provided a “blueprint of the user’s life,” including daily logs, private messages, and calendar events.
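To see what a host would expose in the same situation, the following added example (not code from Hudson Rock or the OpenClaw project) inventories an OpenClaw directory for the files named above, flags any that are readable beyond their owner, and reports a plaintext privateKeyPem in device.json. The directory layout, the "identity" subfolder and all sample contents are constructed assumptions; only privateKeyPem is matched by name because it is the only field name the report gives.

```python
import json, os, stat, tempfile
from pathlib import Path

# File names taken from the report; MEMORY.md is mentioned alongside soul.md.
SENSITIVE = ("openclaw.json", "device.json", "soul.md", "MEMORY.md")

def find_key(node, wanted):
    """True if a key named `wanted` appears anywhere in parsed JSON."""
    if isinstance(node, dict):
        return any(k == wanted or find_key(v, wanted) for k, v in node.items())
    if isinstance(node, list):
        return any(find_key(v, wanted) for v in node)
    return False

def audit(root):
    """Return (relative_path, finding) tuples for an OpenClaw directory."""
    root, findings = Path(root), []
    # The on-disk layout is an assumption, so search recursively by file name.
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.name not in SENSITIVE:
            continue
        rel = path.relative_to(root).as_posix()
        findings.append((rel, "present"))
        mode = stat.S_IMODE(path.stat().st_mode)
        if os.name == "posix" and mode & 0o077:  # any group/other permission bit
            findings.append((rel, f"readable beyond owner (mode {mode:o})"))
        if path.name == "device.json":
            try:
                data = json.loads(path.read_text(encoding="utf-8"))
            except (OSError, ValueError):
                data = None  # unreadable or not JSON: nothing to inspect
            if find_key(data, "privateKeyPem"):
                findings.append((rel, "plaintext privateKeyPem present"))
    return findings

def demo():
    """Audit a constructed directory (sample data, not real OpenClaw output)."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp) / ".openclaw"
        (d / "identity").mkdir(parents=True)  # hypothetical subfolder
        samples = {"openclaw.json": ('{"placeholder": "constructed"}', 0o600),
                   "identity/device.json": ('{"privateKeyPem": "NOT-A-KEY"}', 0o600),
                   "soul.md": ("constructed notes", 0o644)}
        for name, (text, mode) in samples.items():
            (d / name).write_text(text, encoding="utf-8")
            os.chmod(d / name, mode)
        return audit(d)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Tight permissions do not stop an infostealer running as the same user, so the value of the inventory is knowing which key and token to rotate after an infection.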

Assessing the Damage

Hudson Rock’s AI system, Enki, analyzed the stolen files and assessed the damage, revealing a shocking level of exposure. The AI’s behavioral limits and access level to the user’s data were compromised, highlighting the severity of the attack.

A Call to Action

As AI tools become increasingly essential to daily life, this case serves as a warning that our digital habits are becoming just as valuable as our bank accounts. It is crucial that we start treating our AI folders with the same care we give to our house keys. The motivation for attackers to steal our digital identities will only continue to grow, and it is essential that we take proactive measures to protect ourselves.

“The Hudson Rock report concludes that our digital habits are becoming a prime target for cybercriminals, and it is essential that we acknowledge this shift in malware behavior. By understanding the risks associated with AI identity files, we can take steps to safeguard our digital lives and prevent similar attacks in the future.”


