Infostealer harvests OpenClaw AI agent tokens, crypto keys, and behavioral soul files

Feb 2026

Hudson Rock discovered that Vidar infostealer malware successfully exfiltrated an OpenClaw user's complete agent configuration, including gateway authentication tokens, cryptographic keys for secure operations, and the agent's soul.md behavioral guidelines file. OpenClaw stores these sensitive files in predictable, unencrypted locations accessible to any local process. With stolen gateway tokens, attackers could remotely access exposed OpenClaw instances or impersonate authenticated clients making requests to the AI gateway. Researchers characterized this as marking the transition from stealing browser credentials to harvesting the identities of personal AI agents.

Incident Details

Perpetrator:AI agent platform

Severity:Facepalm

Blast Radius:Any OpenClaw user infected with commodity infostealers has full agent identity compromised; gateway tokens enable remote impersonation; cryptographic keys and behavioral guidelines exposed

Tech Stack

OpenClaw

References

The Hacker News: Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens ↗Cyber Security News: Threat Actors Attacking OpenClaw Configurations to Steal Login Credentials ↗