BlockBeats 消息,2 月 20 日,慢雾创始人余弦转帖发布安全提醒,目前 OpenClaw 的 ClawHub 市场共发现 1184 个恶意技能,这些技能会窃取 SSH 密钥、加密钱包、浏览器密码并打开反向 shell。仅一名攻击者就上传了 677 个软件包。排名第一的技能存在 9 个漏洞,下载量达数千次。
余弦提醒用户,文本不再是文本,而是指令。建议通过独立环境使用 AI 工具,许多 OpenClaw 技能存在潜在风险。此外,Web3 安全里合约只是一部分,真正事故原因早已不仅仅是合约。前几日 Moonwell 被盗 178 万美元,缺陷代码来自 Co-Authored-By:Claude Opus 4.6。
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Articoli correlati
EtherRAT Malware Recently Identified Combining Credential Theft and Cryptocurrency Wallet Attacks
According to LevelBlue SpiderLabs researchers, EtherRAT, a recently identified malware, combines credential theft, remote access, and cryptocurrency wallet attacks in a single coordinated campaign. The malware is distributed through fake Tftpd64 installers hosted on fraudulent GitHub repositories de
GateNews1h fa
Hundreds of Dormant Ethereum Wallets Drained by Single Address
According to ChainCatcher, hundreds of Ethereum wallets dormant for over seven years were drained by a single address today (May 2), according to crypto analyst Wazz. Aragon team member @TheTakenUser confirmed their wallet funds were transferred without authorization. The cause of the incident
GateNews2h fa
Zcash Foundation Releases Zebra 4.4.0, Fixes Consensus-Level Security Vulnerabilities
According to Zcash Foundation, Zebra 4.4.0 was released today, fixing multiple consensus-level security vulnerabilities and urging all node operators to upgrade immediately. The vulnerabilities include a denial-of-service flaw that could halt block discovery permanently, sigops counting errors
GateNews4h fa
Wasabi Protocol's EVM Deployment Hit by Security Incident on April 30, Now Contained
According to Wasabi Protocol's official statement, the protocol suffered a security incident affecting its EVM deployment on April 30, which has now been fully contained. The Solana deployment and Prop AMM remained unaffected. The project has closed attack vectors, rotated credentials and keys, and
GateNews4h fa
Hundreds of Ethereum Wallets Simultaneously Hacked, Assets Transferred
Hundreds of Ethereum (ETH) wallets, including some inactive for over seven years, were simultaneously compromised in an unusual transaction event on the Ethereum network, according to Coin Bureau and the cryptocurrency community. Assets from the affected wallets were moved to the same address,
CryptoFrontier12h fa
Digital Asset Security Moves Beyond Keys as Bitgo Adds 5-Layer Checks
Bitgo is pushing digital asset security beyond private keys with a five-layer transaction model designed to stop manipulation before execution. The system checks intent, device, identity, behavior, and policy, targeting risks before transactions are finalized.
Key Takeaways:
Bitgo introduced five
Coinpedia14h fa
