SlowMist: Beware of a malicious npm package named "@openclaw-ai/openclawai"

PA一线
PA一线

PANews reported on March 10 that SlowMist issued a warning about a malicious npm package called "@openclaw-ai/openclawai". This package masquerades as a legitimate command-line tool called OpenClaw Installe, deploying a multi-layered attack chain to steal system credentials, encrypted wallet private keys, browser data, SSH keys, Apple Keychain databases, and other information.

Share to:

Author: PA一线

This content is for market information only and is not investment advice.

Follow PANews official accounts, navigate bull and bear markets together
Telegram Discussion Group
Telegram News Channel
@PANews
Recommended Reading
交易时刻

交易时刻

Trading Moments: Crude oil surges 30%, severely impacting Asian stock markets; Bitcoin remains controlled by macroeconomics.
PA榜单

PA榜单

PANews February 2026 Outstanding Column Content Ranking
Foresight News

Foresight News

A collection of practical OpenClaw skills for Web3 players: covering trading, security, and data analysis.
一周精选

一周精选

Weekly Highlights | AI Doomsday Theories Influence the Entire Week, Multiple Crypto Secrets Exposed
PA一线

PA一线

Hefei High-tech Zone launches 15 robust measures to support crayfish farming, with subsidies up to 10 million yuan.
PA一线

PA一线

Weibo announced its integration with Kimi Claw, enabling remote control of the Lobster Assistant to perform tasks.

Popular Articles

Industry News
Market Trends
Curated Readings
Subscribe
PANews App
24/7 blockchain news tracking and in-depth analysis.
Download PANews App
App StoreGoogle Play