Why are Chinese users paying to uninstall OpenClaw?

After massive adoption, users reported stolen API keys triggering 12,000-yuan bills. Security fears, state agency bans, and opaque permissions drove a reversal. Paid removal services (299 yuan) appeared on Xianyu.

What is the OpenClaw lobster craze in China?

Raising the lobster became Chinese slang for deploying OpenClaw agents. The phrase went viral in March 2026 as users automated tasks via OpenClaw, until security concerns triggered a mass uninstall wave.

Is OpenClaw banned in China?

State agencies and major banks have banned OpenClaw on work devices. The government restricted its use in government agencies and state-owned enterprises over cybersecurity concerns.

How do I safely uninstall OpenClaw?

Remove the OpenClaw app, revoke all connected API keys from Anthropic/OpenAI dashboards, check for leftover files in config directories, and scan for any injected credentials or tokens.

How was OpenClaw API key theft happening in China?

Users with misconfigured or exposed API keys had them scraped from OpenClaw config files or intercepted through network exposure. Self-hosted instances on consumer networks were particularly vulnerable.

← Back to dashboard

clawsmith.com/signal/china-openclaw-paid-uninstall-api-key-theft

⚠ IssueUnknownLive

China OpenClaw Boom Reverses — Users Paying 299 Yuan on Xianyu to Uninstall After API Key Theft

After China's 'raising the lobster' OpenClaw craze, the wave reversed when users reported stolen API keys triggering 12000-yuan bills. Paid removal services (299 yuan) flooded Xianyu and Xiaohongshu. State agencies and major banks banned the tool. 'Loading lobsters costs 599, unloading them costs 299.' Covered by SCMP, NBC News, and Asia Times.

Product Idea from this Signal

A credential security agent that protects OpenClaw API keys from theft when running in shared or cloud environments

11.0k ▲

The Chinese OpenClaw boom exposed a critical security gap. Users who deployed OpenClaw through third-party setup services or shared cloud templates found their API keys stolen, racking up thousands in charges. Some users on Xianyu are now paying 299 yuan just to get OpenClaw safely uninstalled. The problem is not unique to China. Anyone running OpenClaw on a shared machine, a managed hosting provider, or through a setup script from an untrusted source faces the same risk. This tool vaults API keys using OS-level credential storage, monitors for unauthorized key access, and alerts users the moment their key is used from an unexpected IP or process.

SECURITYCLIDEVTOOLOPEN-SOURCE

CompetitiveView Opportunity →