BTC $64,208.82 -1.04%
ETH $1,873.35 -2.51%
BNB $575.09 -0.74%
XRP $1.09 -1.22%
SOL $75.76 -1.83%
TRX $0.3227 -0.40%
DOGE $0.0730 -0.92%
ADA $0.1626 -0.56%
BCH $222.33 -2.28%
LINK $8.40 -1.26%
HYPE $62.29 -6.68%
AAVE $92.21 -4.77%
SUI $0.7480 -0.09%
XLM $0.1897 +1.89%
ZEC $545.60 -3.76%
BTC $64,208.82 -1.04%
ETH $1,873.35 -2.51%
BNB $575.09 -0.74%
XRP $1.09 -1.22%
SOL $75.76 -1.83%
TRX $0.3227 -0.40%
DOGE $0.0730 -0.92%
ADA $0.1626 -0.56%
BCH $222.33 -2.28%
LINK $8.40 -1.26%
HYPE $62.29 -6.68%
AAVE $92.21 -4.77%
SUI $0.7480 -0.09%
XLM $0.1897 +1.89%
ZEC $545.60 -3.76%

慢霧 CISO:警惕惡意 npm 包 “@openclaw-ai/openclawai”,其竊取加密錢包私鑰及系統憑證

2026-03-10 11:55:45
收藏

ChainCatcher 消息,据慢霧科技首席信息安全官 23pds 披露,情報系統發現名為 "@openclaw-ai/openclawai" 的惡意 npm 包正在實施多層攻擊。

該惡意包偽裝成名為 OpenClaw Installer 的合法命令行工具,旨在竊取用戶敏感信息,包括系統憑證、加密錢包私鑰、瀏覽器數據、SSH 密鑰以及 Apple Keychain 數據庫等。

app_icon
ChainCatcher 與創新者共建Web3世界