Bing AI Promoted Fake OpenClaw Repositories Distributing Malware

Fraudulent OpenClaw installers hosted on GitHub and promoted through Microsoft Bing's AI-powered search results were found deploying information-stealing malware to unsuspecting users. The malicious repositories masqueraded as legitimate installation sources for the popular open-source AI assistant, which has broad local system access and integration capabilities with email and messaging services. Huntress researchers discovered that Bing AI recommended these fake GitHub pages when users searched for the Windows version of OpenClaw.

The threat actors created GitHub organizations with convincing names like "openclaw-installer" and populated repositories with copied legitimate code to appear authentic. macOS users were directed to execute bash commands that downloaded Atomic Stealer malware disguised within Mach-O executables. Windows victims received OpenClaw_x64.exe, which deployed Rust-based loaders executing information stealers including Vidar malware that obtained command-and-control data from Telegram and Steam profiles.

Another payload delivered to Windows systems was GhostSocks proxy malware, which converts compromised machines into proxy nodes for routing malicious traffic and evading anti-fraud measures. The researchers noted that simply hosting malware on GitHub was sufficient to poison Bing AI search results and gain recommendation status. Multiple accounts and repositories involved in this campaign have been reported to GitHub, though removal status remains unclear. Users are advised to bookmark official software portals directly rather than relying on search engines to locate installers, as the official OpenClaw repository remains the only trusted source for downloads.
