Crypto: Openclaw AI Hub Faces Wave Of Poisoned Plugins, Slowmist Warns

SlowMist flagged 472 AI skills containing malicious code, as plugins and extensions increasingly become a target for hackers seeking access to the devices of cryptocurrency investors.

A plugin hub associated with the open-source artificial intelligence agent project OpenClaw has become a target for supply chain poisoning attacks, according to a new report from cybersecurity firm SlowMist.

In a report released on Monday, SlowMist said attackers have been uploading malicious “skills” to OpenClaw’s plugin hub, known as ClawHub, exploiting what it described as weak or nonexistent review mechanisms. The activity allows harmful code to spread to users who install the plugins, potentially without realizing the risk.

SlowMist said its Web3-focused threat intelligence solution, MistEye, issued high-severity alerts related to 472 malicious skills on the platform.

Supply chain poisoning is a cyberattack in which hackers infiltrate a software supplier or component to inject malicious code before it reaches end users.

Related: DOJ-released emails suggest Epstein made $3.2M Coinbase investment in 2014

According to SlowMist, the infected skills masquerade as dependency installation packages, which hide malicious commands that trigger backdoor functions after being downloaded and executed, a tactic the company compared to a Trojan horse.

Once installed, attackers typically resort to extortion following data theft, SlowMist said, as the base64-encoded backdoor can collect passwords and personal files from infected devices.

Most of the attacks stem from the same malicious domain address (socifiapp[.]com), registered in July 2025, and an IP address that SlowMist said has been associated with Poseidon-linked infrastructure exploits.

Related: Whale's $9B Bitcoin sale was not due to quantum concerns: Galaxy Digital

Source: CoinTelegraph