If you're running OpenClaw, you probably got hacked in the last week

https://old.reddit.com/r/sysadmin/comments/1sbdw29/if_youre_running_openclaw_you_probably_got_hacked/
104•kykeonaut•1h ago

Comments

deadbabe•1h ago
I have a theory OpenClaw was built deliberately for malicious reasons under the guise of being something cool and useful.
EA-3167•54m ago
In this case I'd say that it was made not to enable that, but in total disregard of its realistic uses and risks. In a sense this is less... deliberate poisoning, and more doing a bad job cutting heroin with fentanyl for distribution. Yeah the result is the same, but the cause is negligence to the point of parody rather than outright malice.
throwatdem12311•34m ago
Some people are so stupid it is indistinguishable from evil.
cactusplant7374•54m ago
What reason would Steinberger have for doing that? It was his hobby project.
asdff•38m ago
He doesn't need a reason. He could have been captured by intelligence after the fact.
throwatdem12311•35m ago
You can’t think of a single reason?

Intelligence asset.

Useful idiot.

Plenty of reasons.

podgorniy•56m ago
lol
tgv•42m ago
Your comment is obviously against the rules, but I read it as: Why are people not more careful? This is some unknown app, with unknown, unvetted depths, and you only like it because other people say it's shiny and AI. It made you giddy, and you forgot that giving a tool permissions is an invitation to hackers. Well, you went ahead and ignored all common sense, and here we are.
sva_•49m ago
> 4. System grants admin because it never checks if you are authorized to grant admin

Shipping at the speed of inference for real.

gos9•42m ago
Really? Posting AI generated Reddit post with no sources or anything?
tgv•39m ago
The CVE seems to be real.
hmokiguess•37m ago
The link mentions the CVE, here's the link https://nvd.nist.gov/vuln/detail/CVE-2026-33579
earnesti•41m ago
I don't think enabling admin on the open internet is a default behaviour by any means?
rvz•40m ago
OpenClaw has over 400+ security issues and vulnerabilities. [0]

Why on earth would you install something like that, which has access to your entire machine, even if it is a separate one which has the potential to scan local networks?

Who is even making money out of OpenClaw other than the people attempting to host it? I see little use out of it other than a way to get yourself hacked by anyone.

[0] https://github.com/openclaw/openclaw/security

nickthegreek•37m ago
It does not need access to your full machine. It can literally run in a vps.
fraywing•31m ago
How do you think the vibe-coding layman audience is using OpenClaw?
nickthegreek•26m ago
Hostinger VPS if YouTube is any indication.
throwatdem12311•39m ago
Think of all the people that are too ignorant to even understand the basics of any of this that are running OpenClaw. They will be completely unaware and attackers can easily hide their tracks by changing system prompts (among plenty of other things).

This is bad.

Simon321•39m ago
Only if your OpenClaw instance is publicly exposed on the internet... which is not the case for most people
causal•33m ago
Until recently, this was default configuration

Edit: Default binding was to 0.0.0.0, and if you were not aware of this and assumed your router was keeping you safe, you probably should not be using OpenClaw. In fact some services may still default to 0.0.0.0: https://github.com/openclaw/openclaw/issues/5263
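The check behind the point above, as an added example that is not part of the thread or of OpenClaw's own tooling: it parses the output of `ss -ltnH` (Linux; column 4 is Local Address:Port) or `lsof -nP -iTCP -sTCP:LISTEN` (macOS; column 9) and reports every TCP listener bound to a wildcard address, which is what "default binding was 0.0.0.0" means in practice. The sample socket lines, ports and process names are constructed for illustration and are not OpenClaw's.

```shell
#!/bin/sh
# Added example (not OpenClaw's code): find TCP listeners bound to a wildcard
# address, i.e. reachable on every interface rather than only on loopback.
# Input is `ss -ltnH` output (Linux), where column 4 is Local Address:Port.
# `lsof -nP -iTCP -sTCP:LISTEN` (macOS) has the same "addr:port" form in
# column 9, so pass 9 as the column argument there.

# wildcard_listeners [COL]: read socket lines on stdin, print "PORT ADDRESS"
# for every listener whose local address is 0.0.0.0, [::] or * (any interface).
wildcard_listeners() {
    awk -v col="${1:-4}" '{
        addr = $col
        n = split(addr, parts, ":")          # port is whatever follows the last ":"
        if (n < 2) next                       # header line or malformed field
        port = parts[n]
        host = substr(addr, 1, length(addr) - length(port) - 1)
        if (host == "0.0.0.0" || host == "[::]" || host == "*")
            print port " " host
    }'
}

# port_is_exposed PORT [COL]: read the same input, succeed only if PORT is bound
# to a wildcard address.
port_is_exposed() {
    wildcard_listeners "${2:-4}" |
        awk -v p="$1" '$1 == p { found = 1 } END { exit !found }'
}

# Constructed sample in `ss -ltnH` format; the ports and process names are
# made up for illustration and are not OpenClaw's.
SAMPLE_SS='LISTEN 0 4096 127.0.0.1:631 0.0.0.0:* users:(("cupsd",pid=412,fd=7))
LISTEN 0 4096 0.0.0.0:3000 0.0.0.0:* users:(("node",pid=2201,fd=20))
LISTEN 0 511 [::]:8080 [::]:* users:(("node",pid=2201,fd=21))
LISTEN 0 128 [::1]:5432 [::]:* users:(("postgres",pid=980,fd=6))'

# LIVE=1 scans this host; otherwise the constructed sample is used.
if [ "${LIVE:-0}" = "1" ]; then
    ss -ltnH | wildcard_listeners
else
    printf '%s\n' "$SAMPLE_SS" | wildcard_listeners
fi
```

A wildcard bind is only the first half of the exposure question: the port is reachable from the internet if the host has a public address, or if the router forwards it (manually or via UPnP), so a clean result here does not settle the question for a VPS, and a wildcard result on a home machine still deserves a look at the router.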

charcircuit•31m ago
Since pretty much the beginning it wasn't, and the documentation explicitly warned not to make it public, exposing it to the internet. It included information on how you can properly forward the gateway port to your machine without opening it up to the internet.
earnesti•30m ago
I have used OpenClaw for a pretty long time, but at no point has it proposed doing anything like that.
nickthegreek•28m ago
Not true. So many people love to come out of the woodwork on these openclaw posts who have no first hand knowledge of the software. It is stunning.
fraywing•39m ago
Could anyone have predicted that giving an agent free rein over your personal hardware could have resulted in bad things happening? not I /s
jstanley•37m ago
But this is nothing to do with the agent being tricked. This is ordinary old-fashioned code being tricked!
blharr•38m ago
Hackernews is now posting links to reddit AI slop posts that I came here to get away from...
throwatdem12311•33m ago
As if the non-Reddit links aren’t majority AI slop already.
dgellow•21m ago
Flag then move to the next one
niwtsol•37m ago
Title is a bit misleading, no? You have to have OpenClaw running on an open box. And the post even says "135k open instances" out of 500k running instances? So a bit clickbait-y
mey•28m ago
More than 25% of users seems like a pretty accurate "probably".
peacebeard•20m ago
Today I learned nobody agrees on what the word "probably" means.
SequoiaHope•16m ago
Ya I thought it meant “more probable than not” ie 50+%.

Otherwise I would say “you may have been hacked” not “you probably have been hacked”.

lwansbrough•15m ago
That is what it means. Unless you're losing an argument on the internet and you need a word to hide behind. ;)
zephen•9m ago
You're probably right.
furyofantares•19m ago
Here's a statement that's about 3x as true then:

If you're running OpenClaw, you probably didn't get hacked in the last week.

DrewADesign•4m ago
You know you’re getting into zealot territory when people are arguing semantics over the headline pointing to a zero authentication admin access vulnerability CVE that affects a double-digit percentage of users.
0cf8612b2e1e•27m ago
1/5 rounds to “probably” when discussing security.
nickthegreek•22m ago
The 135k number appears to be pulled out of thin air? No idea where the 65% comes from. The command the post gives to list paired devices isn't correct. These are red flags.
earnesti•25m ago
The 135k instances is likely not true at all.
DrewADesign•20m ago
It’s also only 65% of those that have zero authentication configured, according to that post (which I have done nothing to confirm or challenge at all… Frankly I wouldn’t touch OpenClaw with a ten foot… cable?) That said, I think it’s far more important to get people’s attention who might otherwise not realize how closely they need to pay attention to CVEs than it is to avoid hyperbole in headlines.
codechicago277•13m ago
Not if this is crying wolf and causing those same people to ignore the very real security risks with using OpenClaw.
DrewADesign•11m ago
How is 20% of users getting pwned "crying wolf" by any reasonable measure? This is a zero authentication admin access vulnerability.
petcat•28m ago
I don't use OpenClaw, but I still run my Claude Code and Codex as limited macOS user accounts and just have a script `become-agent <name> [cmd ...]` that does some sudo stuff to run as the limited user so they don't have any of my environment or directory access, or really any system-level admin access at all. They can use and write to their home directories as usual, which makes things easier to configure since those CLI harnesses really like when $HOME is configured and works as expected.

It's a good compromise between running as me and full sandbox-exec. Multi-user Unix-y systems were designed for this kind of stuff since decades ago.
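A wrapper of the kind described above, as an added example that is not petcat's script and not part of any project: it runs a coding-agent CLI as a dedicated unprivileged Unix account with a scrubbed environment. The "agent-<name>" account convention, the `/Users` home root and the sudoers rule are assumptions for the example; the accounts must already exist with no admin rights.

```shell
#!/bin/sh
# Added example, not petcat's script: run a coding-agent CLI as a dedicated,
# unprivileged Unix account so it gets its own $HOME and none of the caller's
# environment (API keys, SSH agent socket, PATH tweaks) or directory access.
# Assumptions (hypothetical conventions, not from the thread): one account per
# agent named "agent-<name>", created beforehand with no admin rights, and a
# sudoers rule such as   you ALL=(agent-claude) NOPASSWD: ALL   so the switch
# needs no password. Usage: become-agent <name> [cmd ...]

AGENT_USER_PREFIX="agent-"
AGENT_HOME_ROOT="${AGENT_HOME_ROOT:-/Users}"   # macOS; use /home on Linux

# agent_user NAME: print the account name, or fail if NAME is not a plain
# lowercase identifier, so "../x" or "-flag" never reaches sudo.
agent_user() {
    case "$1" in
        ''|*[!a-z0-9-]*|-*) return 1 ;;
    esac
    printf '%s%s\n' "$AGENT_USER_PREFIX" "$1"
}

# become_agent NAME [CMD ...]: exec CMD (default: a shell) as the agent's user.
# `env -i` discards every inherited variable and rebuilds a minimal one, and we
# leave the caller's cwd first so the agent does not start inside the directory
# we ran from. AGENT_DRY_RUN=1 prints the argv, one item per line, instead.
become_agent() {
    name="$1"; shift
    user="$(agent_user "$name")" || {
        echo "become_agent: bad agent name '$name'" >&2
        return 2
    }
    home="$AGENT_HOME_ROOT/$user"
    [ "$#" -gt 0 ] || set -- /bin/sh
    set -- sudo -u "$user" -H env -i \
        "HOME=$home" "USER=$user" "LOGNAME=$user" \
        "PATH=/usr/local/bin:/usr/bin:/bin" "TERM=${TERM:-dumb}" \
        "$@"
    if [ "${AGENT_DRY_RUN:-0}" = "1" ]; then
        printf '%s\n' "$@"
        return 0
    fi
    cd "$home" 2>/dev/null || cd /
    exec "$@"
}

# When run as a script, forward the command line: become-agent claude claude
[ "$#" -eq 0 ] || become_agent "$@"
```

The agent user's home directory should be owned by that user and not readable by others, and the caller's home should not be world-readable, otherwise the separation only covers environment variables and not files. Anything the agent needs to touch (a checkout, a scratch directory) is copied or cloned into the agent's home rather than shared from the caller's.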

Leomuck•17m ago
Well, such things were to be expected. It's easy to bash on all the people who haven't gotten the necessary IT understanding of securing such things. Of course, it's uber-dumb to run an unprotected instance. But at the same time, it's also quite cool that so many people can do interesting IT stuff now. I'm thinking basically it's a trade-off. Be able to do great stuff, live with the consequences of doing that without proper training. Like repairing your car yourself. You might have fun doing it, it might get you somewhere, but you have to accept that if you have no idea about cars, you just introduced a pretty big risk into your life (say if you replaced the brakes or something). But yea, security, privacy, fighting climate change, all very much on the decline - humans doing cool things, ignoring important things - we'll have to live with the consequences.
neya•12m ago
Someone has to say this, but: if you still continued to use OpenClaw despite multiple top news sites explaining the scope of the previous hacks and why you shouldn't use it, you probably deserved to get hacked
sunaookami•5m ago
Honest question: What do people actually USE OpenClaw for? The most common usage seems to be "it reads your emails!", that's the exact opposite of "exciting"...