OpenClaw (Clawdbot/Moltbot) Facing Hijack
1 min readLess than 24 hours ago I posted about the launch of “Moltbook“.
Researchers have already found severe security gaps in both Moltbook and many public OpenClaw deployments. Examples: unsecured databases, missing authentication, and lack of sandboxing.
Making it possible for attackers to access API keys, credentials, and even take control of agents. Reports indicate that unsecured Moltbook endpoints once allowed anyone to issue commands to agents after bypassing basic protections. At least one malicious plugin for the ecosystem delivered a remote-access trojan, showing how easily attackers exploit weak controls.
This was always the fear with the emerging technologies “arms race”. AI infrastructure maturing faster than the security practices to secure it. If this continues, we will likely see more hijacks, malware distribution campaigns targeting agent platforms, and cascading trust failures on systems designed to operate with broad privileges and minimal guardrails.