From Clawdbot to OpenClaw: When Automation Becomes a Digital Backdoor by Lucie Cardiet

This article analyzes how the autonomous agent Clawdbot (now Moltbot/OpenClaw) turns powerful automation into a high-privilege attack surface: misconfigured or internet-exposed control UIs, malicious plugins and fake editor extensions, prompt-injection via untrusted content, and local credential storage have enabled real-world abuse including infostealer interest and delivery of remote-access trojans; the report documents attacker techniques, detection signals (e.g., Shodan discovery, Control UI auth failures, unusual tool invocations), and provides a detailed hardening checklist and incident response steps.