{"id":"MAL-2026-4183","summary":"Malicious code in openclaw-agent (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (b89b6a94f589218276e6dabe5accf4a6d6a9b22cd7412cce0a58069bccd76bbb)\nThe package is intended to create a backdoor and steal sensitive data, but the analyzed code did not finally exfiltrate the content of sensitive files.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-05-openclaw-agent\n\n\nReasons (based on the campaign):\n\n\n - exfiltration-generic\n\n\n - impersonation\n\n\n - persistence\n\n\n - peristence-autorun\n\n\n - backdoor\n\n\n - crypto-related\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n","modified":"2026-05-20T06:30:55.305229730Z","published":"2026-05-20T06:10:33Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-05-20T06:26:20.203109355Z","id":"pypi/2026-05-openclaw-agent/openclaw-agent","versions":["1.0.3"],"modified_time":"2026-05-20T06:10:34.168645Z","source":"kam193","sha256":"b89b6a94f589218276e6dabe5accf4a6d6a9b22cd7412cce0a58069bccd76bbb"}],"iocs":{"urls":["http://91.92.242.30/steal"],"ips":["91.92.242.30"]}},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/openclaw-agent"}],"affected":[{"package":{"name":"openclaw-agent","ecosystem":"PyPI","purl":"pkg:pypi/openclaw-agent"},"versions":["1.0.3"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/openclaw-agent/MAL-2026-4183.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}