GoPlus: The Skill app, which once topped the ClawHub download charts, is actually a trojan program, and some users have already suffered asset losses.

ForesightNews2026/02/20 10:11

Show original

Foresight News reported, according to GoPlus monitoring, the Skill "What Would Elon Do," which once topped the ClawHub download charts, is actually a trojan program. Attackers used bots to inflate numbers and manipulate rankings to push it to the top, luring a large number of users to install it.

After installation, this malicious Skill steals users' SSH keys, crypto wallet private keys, and browser cookies, and establishes a reverse shell to the attacker's server, resulting in actual asset losses for users. This incident exposes a serious new supply chain attack vector within the Skill ecosystem. GoPlus reminds users to stop running OpenClaw without proper protection.

Additionally, according to chiefofautism, a total of 1,184 malicious Skills have been found in the entire ClawHub marketplace, with a single attacker uploading 677 malicious packages alone.

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Earn new token airdrops

Lock your assets and earn 10%+ APR

Lock now!

GoPlus: The Skill app, which once topped the ClawHub download charts, is actually a trojan program, and some users have already suffered asset losses.

You may also like

Trending news

Crypto prices