Hackers exploit vulnerabilities in OpenClaw to control 28,000 systems

2026-04-23 · Source: Dataconomy · Field: Technology & Digital — Cybersecurity & Data Privacy, Artificial Intelligence & Machine Learning · Depth: Intermediate, quick

Summary

Hackers are actively exploiting vulnerabilities in OpenClaw, an AI agent previously known as Moltbot and Clawdbot, leading to the compromise of over 28,000 systems globally. SecurityScorecard's analysis identified 40,214 internet-exposed OpenClaw instances, with 28,663 unique IP addresses hosting control panels accessible worldwide. Approximately 63% of these deployments are susceptible to remote code execution, allowing attackers to take control of host machines. Three high-severity CVEs, with CVSS scores between 7.8 and 8.8, have public exploit code available. Many insecure deployments are found within major cloud providers, and 549 instances correlate with prior breach activity, while 1,493 are linked to known vulnerabilities. The core issue stems from excessive permissions granted to these AI agents without adequate security.

Key takeaway

For CTOs and VPs of Engineering evaluating AI agent deployments, your teams must prioritize robust security architectures and strict permission controls. Do not deploy AI agents, especially those like OpenClaw, without thoroughly vetting their security posture and isolating them from critical systems. Implement sandboxing and conduct independent security experiments before integrating new AI technologies into your operational environment to mitigate significant data exposure and control loss risks.

Key insights

Insecure AI agents with excessive permissions pose significant remote code execution risks.

Principles

• AI agent security is often an afterthought.
• Excessive permissions amplify AI agent risks.
• Public exploits increase vulnerability urgency.

In practice

• Avoid indiscriminate AI agent deployment.
• Isolate AI agents in sandboxed environments.
• Review AI agent integrations and permissions.

Topics

• OpenClaw Vulnerabilities
• AI Agent Security
• Remote Code Execution
• Internet-Exposed Systems
• Cybersecurity Threats

Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Security Engineer, Security Engineer, MLOps Engineer

Related on AIssential

• OpenClaw gives users yet another reason to be freaked out about security — A critical vulnerability in OpenClaw allowed unauthenticated administrative access, highlighting risks of autonomous AI agents.
• not good for OPENCLAW — AI agent ecosystems face severe security risks from prompt injection, malware-infected skills, and container escapes.
• Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds — Enterprises lack critical enforcement and isolation controls for advanced AI agent security threats.
• An OpenClaw AI agent asked to delete a confidential email nuked its own mail client and called it fixed — Autonomous AI agents with tool access and memory are highly vulnerable to compromise and data leakage.
• openclaw skills gave ai agents superpowers. lock them down. — OpenClaw skills, while powerful, pose significant supply chain risks due to their deep access and potential for hidden malicious instructions.
• [D] We found 18K+ exposed OpenClaw instances and ~15% of community skills contain malicious instructionsc — Autonomous agent frameworks like OpenClaw present novel and severe security risks, particularly from unreviewed community skills.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Dataconomy.