BlockBeats News, February 20 — Co-founder of SlowMist, Yu Xian, reposted a security alert. Currently, OpenClaw’s ClawHub marketplace has identified 1,184 malicious skills that can steal SSH keys, crypto wallets, browser passwords, and open reverse shells. A single attacker has uploaded 677 packages. The top-ranked skill contains 9 vulnerabilities and has been downloaded thousands of times.
Yu Xian warned users that text is no longer just text, but instructions. It is recommended to use AI tools in a separate environment, as many OpenClaw skills pose potential risks. Additionally, in Web3 security, smart contracts are only part of the picture; the true causes of incidents have long gone beyond just the contracts. A few days ago, Moonwell was hacked for $1.78 million, with the flawed code originating from Co-Authored-By: Claude Opus 4.6.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Confiscated Bitcoins Disappear Due to Poor Police Management... Urging the Development of Virtual Asset Management Strategies
The police have decided to reform virtual asset management due to Bitcoin disappearances, launching the "Virtual Asset Confiscated Property Management System Improvement Plan," which details management at each stage to ensure security. At the same time, the plan includes entrusting trusted providers to safekeep virtual assets and establishing management rules and manuals to address the severity of past management issues.
TechubNews1h ago
Tsim Sha Tsui Cryptocurrency Company Employee Arrested for Stealing 2.67 Million USDT
ChainCatcher News: A cryptocurrency exchange platform in Tsim Sha Tsui, Hong Kong, has experienced a theft. A 34-year-old network engineer is suspected of stealing approximately 20 customers' USDT (Tether), totaling about 2.67 million USDT, equivalent to approximately 20.87 million HKD. The police have detained him.
GateNewsBot5h ago
IoTeX plans to announce the compensation plan within 24 hours, and L1 has been restored online.
Odaily Planet Daily reports that IoTeX announced on the X platform that after a suspected private key leak led to a hacking attack, the L1 has been restored and upgraded to operate normally. The new version v2.3.4 includes a default blacklist that automatically filters malicious EOA addresses to enhance network security. A comprehensive compensation plan for affected bridging users will be announced within 24 hours.
GateNewsBot5h ago
Trump DeFi project was hacked, and short sellers targeted it! The stablecoin USD 1 briefly dropped to $0.9942.
The USD stablecoin USD1 of the cryptocurrency project World Liberty Financial supported by the Trump family was subjected to an organized attack on . The price once dropped to $0.9942. The attackers hacked into multiple founders' accounts and spread rumors, attempting to profit from it. However, officials emphasized that the stability mechanism and asset reserves of USD1 remain intact, and the coin price has stabilized back to the $1 level. This incident highlights the security and market trustworthiness of the currency.
区块客10h ago
ZachXBT is about to announce a major investigation into suspected insider trading in crypto
Onchain investigator ZachXBT announced a major investigation regarding insider trading within a crypto company, set to be revealed on February 26. Market speculation centers around the Meteora protocol on Solana, currently deemed the highest suspect.
TapChiBitcoin10h ago
A Chinese businessman was kidnapped and murdered in Turkey, and the suspect withdrew a large amount of funds from his crypto account.
A 38-year-old Chinese businessman surnamed Wang was kidnapped and killed in Turkey, with the suspects having a debt dispute with him. Wang was kidnapped by 4 suspects while dining with a female friend, who pretended to be uninvolved. Police discovered his body, and the suspects have been arrested, including the woman who was in collusion with them.
GateNewsBot10h ago
