COINOTAG Logo

ClawHub Supply Chain Attack: 472 Malicious Skills

BTC

BTC/USDT

$71,354.77
+3.55%
24h Volume

$17,366,629,629.18

24h H/L

$71,554.95 / $68,531.50

Change: $3,023.45 (4.41%)

Long/Short
65.5%
Long: 65.5%Short: 34.5%
Funding Rate

-0.0023%

Shorts pay

Data provided by COINOTAG DATALive data
Bitcoin
Bitcoin
Daily

$71,351.87

2.98%

Volume (24h): -

Resistance Levels
Resistance 3$79,008.03
Resistance 2$75,548.63
Resistance 1$72,179.52
Price$71,351.87
Support 1$70,589.27
Support 2$67,300.00
Support 3$62,909.86
Pivot (PP):$70,598.27
Trend:Downtrend
RSI (14):35.3
JM
James Mitchell
(01:08 PM UTC)
2 min read

Contents

1460 views
0 comments

Cybersecurity firm SlowMist's report published on Monday states that ClawHub, the official plugin marketplace of the open-source AI agent project OpenClaw, has become the target of supply chain poisoning attacks. Attackers exploited the platform to spread to users by uploading malicious “skills” due to weak or non-existent review mechanisms. SlowMist's Web3-focused threat intelligence solution MistEye issued high-severity alerts for 472 malicious skills on the platform.

Security report on 472 AI skills on OpenClaw. Source: SlowMist

Detection of 472 Malicious Skills in ClawHub

Malicious skills, disguised as dependency installation packages, contain harmful commands that trigger backdoor functions after being downloaded. These backdoors steal passwords and personal files using Base64 encoding commonly used in crypto tools like BTC detailed analysis, leading to blackmail after data theft. Most attacks originate from the same IP address associated with the socifiapp[.]com domain registered in July 2025 and Poseidon infrastructure.

Attackers' Targeted Crypto and Financial Skills

Skills often carry names related to crypto assets, financial data, and automation tools, aiming to lower users' defenses. SlowMist points to a large-scale operation by a coordinated group. Such attacks threaten the Web3 ecosystem by facilitating data theft on platforms like BTC futures trading. Koi Security's February 1 report also stated that 341 out of 2.857 skills contained malicious code.

Malicious domain linked to supply poisoning attacks. Source: SlowMist

Supply Chain Poisoning Methods and Risks

Supply chain poisoning is a tactic that spreads by infiltrating trusted platforms. Weak review processes in ClawHub gave attackers the opportunity for malicious code injection. Backdoors exfiltrate sensitive data with hidden commands, creating opportunities for blackmail. MistEye's early warnings uncovered the threat at this scale (472 skills).

Security Recommendations for OpenClaw Users

  • Manually check SKILL.md sources and dependencies.
  • Be cautious of suspicious permission requests.
  • Follow reports from SlowMist and Koi, among others.
  • Extra protect your crypto wallets.

This attack highlights security vulnerabilities at the AI-Web3 intersection.

Senior Technical Analyst: James Mitchell

6 years of crypto market analysis

This analysis is not investment advice. Do your own research.

JM

James Mitchell

COINOTAG author

View all posts

Comments

Comments

Other Articles

Bitcoin Price Analysis: Will the Uptrend Continue?

2/8/2026

Ethereum 2.0 Update: How Will It Affect the Crypto Market?

2/7/2026

The Coming of Altcoin Season: Which Coins Will Stand Out?

2/6/2026

DeFi Protocols and Yield Farming Strategies

2/5/2026