The post Critical Exploit in Openclaw Allows Full Administrative Hijacking – Featured Bitcoin News appeared on BitcoinEthereumNews.com. The ‘Trusted EnvironmentThe post Critical Exploit in Openclaw Allows Full Administrative Hijacking – Featured Bitcoin News appeared on BitcoinEthereumNews.com. The ‘Trusted Environment

Critical Exploit in Openclaw Allows Full Administrative Hijacking – Featured Bitcoin News

For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com

The ‘Trusted Environment’ Fallacy

A March 31 study by Web3 security firm Certik has pulled back the curtain on a “systemic collapse” of security boundaries within Openclaw, an open-source artificial intelligence (AI) platform. Despite its rapid ascent to more than 300,000 Github stars, the framework has accumulated more than 100 CVEs and 280 security advisories in just four months, creating what researchers call an “unbounded” attack surface.

The report highlights a fundamental architectural flaw: Openclaw was originally designed for “trusted local environments.” However, as the platform’s popularity exploded, users began deploying it on internet-facing servers—a transition the software was never equipped to handle.

According to the study report, researchers identified several high-risk failure points that jeopardize user data, including the critical vulnerability, CVE-2026-25253, which allows attackers to seize full administrative control. By tricking a user into clicking a single malicious link, hackers can steal authentication tokens and hijack the AI agent.

Meanwhile, global scans revealed more than 135,000 internet-exposed Openclaw instances across 82 countries. Many of these had authentication disabled by default, leaking API keys, chat histories and sensitive credentials in plaintext. The report also asserts that the platform’s repository for user-shared “skills” has been infiltrated by malware and hundreds of these extensions were found to be bundling infostealers designed to siphon saved passwords and cryptocurrency wallets.

Furthermore, attackers are now hiding malicious instructions within emails and webpages. When the AI agent processes these documents, it can be forced to exfiltrate files or execute unauthorized commands without the user’s knowledge.

“Openclaw has become a case study in what happens when large language models stop being isolated chat systems and start acting inside real environments,” said a lead auditor from Penligent. “It aggregates classic software defects into a runtime with high delegated authority, making the blast radius of any single bug massive.”

Mitigation and Safety Recommendations

In response to these findings, experts are urging a “security-first” approach for both developers and end users. For developers, the study recommends establishing formal threat models from day one, enforcing strict sandbox isolation and ensuring that any AI-spawned subprocess inherits only low-privilege, immutable permissions.

For enterprise users, security teams are urged to use endpoint detection and response (EDR) tools to locate unauthorized Openclaw installations within corporate networks. On the other hand, individual users are encouraged to run the tool exclusively in a sandboxed environment with no access to production data. Most importantly, users must update to version 2026.1.29 or later to patch known remote code execution (RCE) flaws.

While Openclaw’s developers recently partnered with Virustotal to scan uploaded skills, Certik researchers warn this is “no silver bullet.” Until the platform reaches a more stable security phase, the industry consensus is to treat the software as inherently untrusted.

FAQ ❓

  • What is Openclaw? Openclaw is an open‑source AI framework that quickly grew to 300,000+ GitHub stars.
  • Why is it risky? It was built for trusted local use but is now widely deployed online, exposing major flaws.
  • What threats exist? Critical CVEs, malware‑infected extensions, and 135,000+ exposed instances across 82 countries.
  • How can users stay safe? Run only in sandboxed environments and update to version 2026.1.29 or later.

Source: https://news.bitcoin.com/study-critical-exploit-in-openclaw-allows-full-administrative-hijacking/

Market Opportunity
LETSTOP Logo
LETSTOP Price(STOP)
$0.001985
$0.001985$0.001985
-1.58%
USD
LETSTOP (STOP) Live Price Chart

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

Metaplanet buys 5,075 Bitcoin in Q1 to become 3rd-largest treasury

Metaplanet buys 5,075 Bitcoin in Q1 to become 3rd-largest treasury

Metaplanet lifted its Bitcoin holdings to 40,177 in Q1 after buying over $400 million of BTC to become the third-largest BTC treasury.
Share
Coin Telegraph2026/04/02 18:04
Adoption Leads Traders to Snorter Token

Adoption Leads Traders to Snorter Token

The post Adoption Leads Traders to Snorter Token appeared on BitcoinEthereumNews.com. Largest Bank in Spain Launches Crypto Service: Adoption Leads Traders to Snorter Token Sign Up for Our Newsletter! For updates and exclusive offers enter your email. Leah is a British journalist with a BA in Journalism, Media, and Communications and nearly a decade of content writing experience. Over the last four years, her focus has primarily been on Web3 technologies, driven by her genuine enthusiasm for decentralization and the latest technological advancements. She has contributed to leading crypto and NFT publications – Cointelegraph, Coinbound, Crypto News, NFT Plazas, Bitcolumnist, Techreport, and NFT Lately – which has elevated her to a senior role in crypto journalism. Whether crafting breaking news or in-depth reviews, she strives to engage her readers with the latest insights and information. Her articles often span the hottest cryptos, exchanges, and evolving regulations. As part of her ploy to attract crypto newbies into Web3, she explains even the most complex topics in an easily understandable and engaging way. Further underscoring her dynamic journalism background, she has written for various sectors, including software testing (TEST Magazine), travel (Travel Off Path), and music (Mixmag). When she’s not deep into a crypto rabbit hole, she’s probably island-hopping (with the Galapagos and Hainan being her go-to’s). Or perhaps sketching chalk pencil drawings while listening to the Pixies, her all-time favorite band. This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Center or Cookie Policy. I Agree Source: https://bitcoinist.com/banco-santander-and-snorter-token-crypto-services/
Share
BitcoinEthereumNews2025/09/17 23:45
The changing face of elder care in Malaysia — Sayed Mohammad Reza Yamani Sayed Umar

The changing face of elder care in Malaysia — Sayed Mohammad Reza Yamani Sayed Umar

JULY 10 — An elderly society is becoming increasingly prevalent in Malaysia at present. It is projected that the p...
Share
Malaymail2026/07/10 15:24

Activate to Enjoy Special Perks

Activate to Enjoy Special PerksActivate to Enjoy Special Perks

Access 0 fees, premium support, and loss coverage.