1. Forum
  2. tqwNet
  3. TQW GENTECH

  • 'The math is simple': OpenClaw 'Trojan Horse' AI agents give hack

    From TechnologyDaily@1337:1/100 to All on Wednesday, April 22, 2026 01:15:27
    'The math is simple': OpenClaw 'Trojan Horse' AI agents give hackers full control of 28,000+ systems

    Date:
    Wed, 22 Apr 2026 00:05:00 +0000

    Description:
    Rapid adoption of AI agents without proper safeguards is leading to exposed systems, data risks, and increased opportunities for attackers to exploit access controls.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter OpenClaw exposures reveal thousands of internet accessible high risk systems AI agents are being deployed with excessive permissions across critical environments Remote code execution vulnerabilities expose most observed OpenClaw deployments Agentic systems are moving quickly from experimentation into everyday workflows, yet recent findings suggest security practices are not keeping pace.

    According to SecurityScorecard , thousands of OpenClaw deployments are
    exposed directly to the internet with minimal safeguards. The team identified 40,214 internet-exposed OpenClaw instances in total, with 28,663 unique IP addresses hosting control panels accessible from anywhere on the internet. Article continues below You may like Always-on AI Agents put everything hackers could ever want behind a single attack surface OpenClaw is making terrifying mistakes showing AI agents aren't ready for real responsibility Your OpenClaw agents can empty your inbox and leak your data. Here's how to secure them Exposed AI agents become a hacker's dream target "The math is simple: when you give an AI agent full access to your computer, you give that same access to anyone who can compromise it," the researchers stated.

    Approximately 63% of observed deployments appear vulnerable to remote code execution, allowing attackers to take over the host machine without user interaction.

    Of the exposures, there were three high-severity Common Vulnerabilities and Exposures affecting OpenClaw, with CVSS scores ranging from 7.8 to 8.8.

    Public exploit code is already available for all three vulnerabilities, meaning attackers do not need advanced skills to compromise exposed systems. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    The research also found that 549 exposed instances correlate with prior
    breach activity, and 1,493 are associated with known vulnerabilities that compound the risk for users.

    The exposed deployments are heavily concentrated in major cloud and hosting providers, indicating repeatable and easily replicated insecure deployment patterns.

    OpenClaw, formerly known as Moltbot and Clawdbot , markets itself as a personal AI agent that can schedule meetings, send emails, and manage tasks
    on behalf of users. What to read next OpenClaw AI agents targeted by infostealer malware for the first time Chinese government cracks down on in-office OpenClaw use over potential security risks The mobile app traffic your security team can't see and AI agents are generating it

    The problem is not the AI's capabilities but the access and permissions granted to these systems without proper security controls.

    "In practice, because it was written by AI, security wasn't a dominating feature in the development process," said Jeremy Turner, VP of Threat Intelligence at SecurityScorecard.

    "For the folks that want to use the more agentic AI systems, you really need to take careful consideration in what integrations you support and what permissions you actually give."

    Many users are configuring these bots with personal names and company names, revealing exactly who is using these AI tools and making them attractive targets for attackers.

    Any time a user connects an AI agent to a platform, they are giving it an identity with specific permissions.

    That identity may be able to post content, access email, read files, or interact with other systems on the user's behalf.

    "The risk isn't that these systems are thinking for themselves," Turner said. "It's that we're giving them access to everything."

    "It's like handing your laptop to a stranger on the street and hoping nothing bad happens Any of the communications on that device are going to be interfaces from untrusted third parties that can take certain actions."

    A compromised agent could be instructed to transfer funds, delete files, or send malicious messages without raising immediate alarms because the behavior appears legitimate.

    Unfortunately, the report reveals a fundamental disconnect between AI
    adoption and security practices.

    Users are being asked to give these agents broad system access, and in many cases, that has already led to data exposure, unintended actions, and loss of control.

    In some cases, OpenClaw takes actions beyond what users explicitly instruct , and Microsoft has since advised that it should not be run on standard
    personal or enterprise devices .

    Chinese authorities have restricted its use in office environments due to its tendency for data exposure and broader security risks.

    Some OpenClaw vulnerabilities allow hackers to access sensitive data, and it has been used to distribute malware through GitHub repositories .

    "Don't just blindly download one of these things and start using it on a system that has access to your whole personal life. Build in some separation and run some experiments of your own before you really trust the new technology to do what you want it to do," Turner said. Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/the-math-is-simple-openclaw-trojan-hors e-ai-agents-give-hackers-full-control-of-28-000-systems


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)