
"Users who searched Bing's AI results for "OpenClaw Windows" were directed to a malicious GitHub repository that delivered information stealers and GhostSocks onto their machines. The malicious repositories, available on GitHub between February 2 and 10, are yet another example of how quickly scammers co-opt buzzy new technologies and use their popularity to steal credentials and other sensitive data."
"In addition to capitalizing on OpenClaw's popularity, this scam had two other key factors contributing to its success. First, the malware was hosted on GitHub, which users trust. OpenClaw has tens of thousands of forks hosted on GitHub, so users see the fake installers and are more likely to believe it's legitimate code. Plus, this one was connected to a GitHub organization called openclaw-installer, which made it all the more believable."
"Second, the Bing AI search results lent credibility. Simply hosting the malware on GitHub was enough to poison the search results and propel the malicious repo to the top suggestion when someone searched "OpenClaw Windows." Huntress' security researchers spotted the malware on February 9 after a user downloaded and ran the fake installer."
Cybercriminals created malicious GitHub repositories impersonating OpenClaw, an AI agent tool, and successfully manipulated Bing's AI search results to direct users to fake installers. The scam leveraged GitHub's trusted reputation and OpenClaw's legitimate presence on the platform, with the malicious repositories hosted under a deceptively named organization called openclaw-installer. Between February 2 and 10, users searching for "OpenClaw Windows" through Bing were directed to these repositories, which delivered information stealers and GhostSocks malware. Security researchers at Huntress discovered the attack after a user downloaded the fake installer. The malicious accounts and repositories were subsequently removed, though the incident demonstrates how quickly threat actors exploit emerging technologies and manipulate search algorithms to distribute malware.
#malware-distribution #github-security #ai-search-manipulation #credential-theft #emerging-technology-exploitation
Read at The Register