Fake OpenClaw installers spread malware

Malicious npm packages posing as OpenClaw installers deployed credential stealers and malware, some linked to ransomware groups.

The malicious package, named "@openclaw-ai/openclawai," was designed to resemble a legitimate developer utility. Once executed, it attempts to steal credentials, cryptocurrency wallets, SSH keys, browser data, and developer tokens. The package uses social engineering, including a fake command-line interface with animated progress bars, to trick users into entering their system password. The password grants the malware access to the macOS Keychain, which unlocks further credentials and data. The malware also installs a Remote Access Trojan (RAT) called GhostLoader, giving attackers control over infected systems: they can execute commands, access files, configure a SOCKS5 proxy, and even clone browser sessions, bypassing multi-factor authentication. The malicious package was uploaded to the npm registry on March 3, 2026, and has been downloaded over 178 times. It was still available for download as of March 9, 2026.
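
A defensive check for the package named above, as an added example that is not from the article or from npm: it scans a parsed package.json and package-lock.json for the flagged name, including transitive installs and npm aliases. The function names and the sample lockfile are constructed for illustration.

```javascript
// Package name is the one reported in the article; all sample data is constructed.
const FLAGGED = new Set(["@openclaw-ai/openclawai"]);
// Resolve npm aliases: a spec like "npm:@scope/pkg@1.2.3" installs @scope/pkg.
function realName(name, spec) {
  if (typeof spec !== "string" || !spec.startsWith("npm:")) return name;
  const target = spec.slice(4);
  const at = target.lastIndexOf("@");
  return at > 0 ? target.slice(0, at) : target;
}
// "node_modules/a/node_modules/@scope/b" -> "@scope/b"; the root key "" -> null.
function nameFromLockPath(path) {
  const i = path.lastIndexOf("node_modules/");
  return i === -1 ? null : path.slice(i + "node_modules/".length);
}

// manifest: parsed package.json; lock: parsed package-lock.json (either may be null).
function findFlagged(manifest, lock) {
  const hits = [];
  const check = (where, name, version) => {
    if (name && FLAGGED.has(name)) hits.push({ where, name, version: version ?? null });
  };
  for (const field of ["dependencies", "devDependencies", "optionalDependencies"]) {
    for (const [name, spec] of Object.entries(manifest?.[field] ?? {})) {
      check(`package.json ${field}.${name}`, realName(name, spec), spec);
    }
  }
  if (lock?.packages) {
    // lockfileVersion 2/3: flat map keyed by install path; aliases carry "name".
    for (const [path, meta] of Object.entries(lock.packages)) {
      check(`lock ${path}`, meta.name ?? nameFromLockPath(path), meta.version);
    }
  } else {
    // lockfileVersion 1: nested "dependencies" tree.
    const walk = (deps, trail) => {
      for (const [name, meta] of Object.entries(deps ?? {})) {
        check(`lock ${trail}${name}`, realName(name, meta.version), meta.version);
        walk(meta.dependencies, `${trail}${name} > `);
      }
    };
    walk(lock?.dependencies, "");
  }
  return hits;
}

// Constructed sample: a transitive install recorded in a v3 lockfile.
const sampleLock = { lockfileVersion: 3, packages: {
  "": { name: "demo-app" },
  "node_modules/helper/node_modules/@openclaw-ai/openclawai": { version: "0.0.0-example" },
} };
```

A hit in the lockfile but not in package.json means the package arrived as a transitive dependency, so the `where` field is the place to start tracing which parent pulled it in.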
