Fake OpenClaw Installers Deliver Information Stealers

Huntress security researchers say fake OpenClaw installers hosted on GitHub from Feb. 2–10 delivered information-stealing malware and proxy tools after Bing AI search suggestions directed users to malicious repositories. The malicious OpenClaw_x64.exe dropped Rust loaders, a Vidar stealer (cloudvideo.exe) and a GhostSocks proxy, while researchers warn of a new "stealth packer" and publish IoCs for detection and mitigation.