OpenClaw: A Convenient Open-Source AI Agent with Hidden Cyber Risks Users Should Know


112/69 Wednesday, February 25, 2026

OpenClaw, nicknamed “Nong Kung,” launched in November 2025 as an open-source intelligent AI agent designed to run directly on personal computers. It can automate various tasks, such as connecting to chat applications like WhatsApp or Discord, reading and writing files, managing calendars, and searching for information online. However, the project has had a turbulent development history. It was originally named ClawdBot but faced naming conflicts with Anthropic’s Claude tool. It was later rebranded as Moltbot, which then became a target for cybercriminal impersonation campaigns. Ultimately, the project adopted the name OpenClaw. These trademark disputes and misuse incidents have affected the software’s credibility since its early stages.

From a security perspective, a recent report by Hudson Rock highlights emerging threats. Researchers found that infostealer malware can extract OpenClaw’s configuration files and identity data from infected machines, not just browser-stored passwords. This includes encryption keys and other sensitive credentials, potentially enabling attackers to fully compromise user accounts and access personal data. Experts have compared OpenClaw to “an eager but careless intern,” noting its vulnerability to prompt injection attacks and its tendency to be granted overly broad access permissions. In one reported case, even a Meta AI security employee was unable to stop OpenClaw from deleting a large number of emails from their inbox. As a result, the Dutch Data Protection Authority has warned organizations against deploying experimental AI agents like OpenClaw in systems that handle sensitive data.

For those considering the use of OpenClaw or similar AI agents, Microsoft has issued baseline technical recommendations to reduce risk. AI agents should operate in restricted environments, such as sandboxed virtual machines or containers, with the principle of least privilege strictly enforced. Direct access to sensitive data should be avoided. Organizations should carefully verify the source of any installed skills or extensions, continuously monitor activity logs for anomalies, and prepare incident response plans, including full system resets and credential rotation if necessary. Real-time anti-malware protection should also be deployed and regularly updated to detect infostealers promptly. Given that OpenClaw remains under active development and its security posture is not yet mature, deploying it in production enterprise environments presents significant risks that must be carefully evaluated.

Source https://www.malwarebytes.com/blog/news/2026/02/openclaw-what-is-it-and-can-you-use-it-safely