ClawdBot: The New Primary Target for Infostealers in the AI Era
ID: 75b83ad3-2ef2-5982-85d3-91c869a97374
STIX ID: report--75b83ad3-2ef2-5982-85d3-91c869a97374
Feed Name: infostealers.com
Executive summary: ClawdBot, a local-first personal AI, persists sensitive data (memories, profiles, authentication tokens, VPN and service credentials) as plaintext Markdown/JSON under user directories (e.g., ~/.clawdbot, ~/clawd), creating a high-value target for commodity infostealers. The report documents how MaaS families (RedLine, Lumma, Vidar) are adapting to harvest these files (providing example paths and regex IOCs), explains downstream impacts (credential-driven breaches, Atlassian/Jira abuse, ransomware entry), and warns of additional threats such as "memory poisoning" that can create persistent insider-like backdoors; recommendations include encryption-at-rest, containerization, and use of OS keychains.
