Fake OpenClaw Installers Spread Malware via GitHub and AI Search Results

Cybersecurity researchers have uncovered a campaign distributing malware through fake installers for OpenClaw, a popular AI agent platform. The attack leveraged both GitHub hosting and AI-generated search results to increase credibility and reach potential victims.

Security analysts at Huntress discovered the operation after investigating an infected system. The user had searched for “OpenClaw Windows” using Microsoft’s Bing AI search, which suggested a link to a GitHub repository containing what appeared to be a legitimate installer.

The repository, named openclaw-installer, hosted malicious files disguised as official installation packages. Because OpenClaw projects commonly appear on GitHub and the platform is widely trusted among developers, the repository looked convincing to unsuspecting users.

The attackers took additional steps to enhance the illusion of legitimacy. The repository included mostly authentic code copied from other open-source projects, while the actual malware was hidden in downloadable release files packaged in a 7-Zip archive.

Once executed, the installer deployed several malicious payloads. Among them was Vidar, a well-known information-stealing malware capable of collecting credentials and sensitive data from applications such as Telegram and Steam. Another component, GhostSocks, turns infected systems into proxy nodes that attackers can use to route malicious traffic or access compromised accounts while avoiding fraud detection systems.

Researchers also identified custom loaders written in Rust designed to execute the malware directly in memory, making detection more difficult. Evidence suggests the attackers used a previously unseen packing tool called “stealth packer” to conceal and launch the malicious payloads.

GitHub has since removed the repository and associated accounts after reports from researchers. However, investigators noted that similar repositories appeared shortly after the original takedown, suggesting the attackers may attempt to re-establish the distribution network.

The campaign highlights how quickly cybercriminals exploit emerging technologies and trending tools. In this case, the combination of trusted platforms like GitHub and AI-generated search recommendations helped malicious installers appear legitimate.

Security experts recommend downloading software only from official project pages or verified repositories, particularly when installing rapidly growing AI tools that may attract opportunistic attackers. An AI search result or a github.com URL is not by itself evidence of legitimacy: check that the repository owner matches the one linked from the project's official site, and verify any published checksum or signature before running an installer.
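As an added illustration of that advice (example code written for this page, not code from the article, Huntress, or the OpenClaw project), the following Python script gates an installer download on two checks: the URL must point at a pinned owner/repo release on github.com, and the file's SHA-256 must match a digest obtained out of band. It also flags repository names that merely contain a trusted project's name, the pattern the openclaw-installer repository used. The trusted owner/repo, the second repository owner, the installer bytes and the digest are all constructed for the demonstration.

```python
"""Added example, not from the article or the OpenClaw project: a small
download gate that refuses an installer unless (1) the URL is a release
asset on an allowlisted GitHub owner/repo and (2) the file's SHA-256
matches a digest obtained from a trusted channel. All names, bytes and
digests below are constructed for illustration."""
import hashlib
import hmac
from urllib.parse import urlparse

# Assumed allowlist of official sources; this owner/repo pair is hypothetical.
TRUSTED_REPOS = {("example-org", "openclaw")}


def _path_parts(url: str) -> list[str]:
    return [s for s in urlparse(url).path.split("/") if s]


def is_trusted_release_url(url: str) -> bool:
    """True only for https://github.com/<owner>/<repo>/releases/download/...
    where <owner>/<repo> is in TRUSTED_REPOS."""
    p = urlparse(url)
    if p.scheme != "https" or p.netloc.lower() != "github.com":
        return False
    parts = _path_parts(url)
    if len(parts) < 5 or parts[2:4] != ["releases", "download"]:
        return False
    return (parts[0].lower(), parts[1].lower()) in TRUSTED_REPOS


def looks_like_lookalike_repo(owner: str, repo: str) -> bool:
    """Flag an owner/repo that contains a trusted project's name but is not
    the trusted repo itself (e.g. 'openclaw-installer')."""
    pair = (owner.lower(), repo.lower())
    for t_owner, t_repo in TRUSTED_REPOS:
        if pair == (t_owner, t_repo):
            return False
        if t_repo in pair[0] or t_repo in pair[1]:
            return True
    return False


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def digest_matches(data: bytes, expected_hex: str) -> bool:
    # compare_digest is a constant-time comparison; a good habit even when
    # timing is not a concern for a local file.
    return hmac.compare_digest(sha256_hex(data), expected_hex.strip().lower())


def vet_download(url: str, data: bytes, expected_sha256: str) -> list[str]:
    """Return the reasons to refuse this file; an empty list means it passed."""
    problems = []
    if not is_trusted_release_url(url):
        problems.append("source is not an allowlisted release URL")
        parts = _path_parts(url)
        if len(parts) >= 2 and looks_like_lookalike_repo(parts[0], parts[1]):
            problems.append("repository name imitates a trusted project")
    if not digest_matches(data, expected_sha256):
        problems.append("SHA-256 does not match the published digest")
    return problems


# Constructed sample inputs: bytes standing in for an installer, the digest
# we would have copied from the official site, and two candidate URLs.
GOOD_BYTES = b"constructed installer bytes for demonstration only"
GOOD_SHA256 = hashlib.sha256(GOOD_BYTES).hexdigest()
OFFICIAL_URL = "https://github.com/example-org/openclaw/releases/download/v1.0/openclaw-setup.exe"
LOOKALIKE_URL = "https://github.com/someone/openclaw-installer/releases/download/v1.0/OpenClaw-Windows.7z"

if __name__ == "__main__":
    print(vet_download(OFFICIAL_URL, GOOD_BYTES, GOOD_SHA256))   # []
    print(vet_download(LOOKALIKE_URL, GOOD_BYTES, "00" * 32))   # two refusal reasons
```

The allowlist has to be maintained by hand, which is the point: the owner/repo pair comes from the project's own site or documentation, never from whichever link a search engine or chat assistant surfaces. The digest check does nothing useful if the expected hash is copied from the same untrusted repository as the file.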
