
ClawSwarm: 30 ClawHub Skills Secretly Turn AI Agents Into Crypto Mining Network

Security researchers at Manifold discovered 30 ClawHub skills by a single author that silently co-opt OpenClaw agents into a cryptocurrency mining swarm. Agents generate Hedera wallets, register private keys with a remote server, and check in every 4 hours, all without user approval or visibility. The cURL calls use legitimate SDK patterns, making traditional malware detection ineffective.
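Because the individual calls look legitimate, the fixed 4-hour check-in cadence is one behavior a defender can look for in egress logs. The following is an added example, not code from Manifold or ClawHub; the log format, agent names, hostnames, tolerance and minimum-hit threshold are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed egress log (timestamp, agent id, destination host); not real data.
SAMPLE_LOG = """\
2026-03-01T00:02:11 agent-a swarm.example.invalid
2026-03-01T00:10:00 agent-a api.example.invalid
2026-03-01T00:45:12 agent-a api.example.invalid
2026-03-01T01:00:00 agent-b swarm.example.invalid
2026-03-01T03:20:40 agent-a api.example.invalid
2026-03-01T04:01:58 agent-a swarm.example.invalid
2026-03-01T05:00:02 agent-b swarm.example.invalid
2026-03-01T08:02:30 agent-a swarm.example.invalid
2026-03-01T09:05:03 agent-a api.example.invalid
2026-03-01T09:06:10 agent-a api.example.invalid
2026-03-01T16:02:05 agent-a swarm.example.invalid
2026-03-01T20:01:49 agent-a swarm.example.invalid
"""

def find_beacons(log, period_s=4 * 3600, tolerance_s=300, min_hits=4):
    """Return (agent, host, hits) for pairs whose contacts recur every period_s."""
    seen = defaultdict(list)
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, agent, host = line.split()
        seen[(agent, host)].append(datetime.fromisoformat(ts))
    findings = []
    for (agent, host), times in sorted(seen.items()):
        if len(times) < min_hits:
            continue  # too few contacts to call it periodic
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        # A gap may span k >= 1 periods, so one missed check-in (host asleep,
        # dropped log line) does not hide the pattern.
        periodic = all(
            round(g / period_s) >= 1
            and abs(g - round(g / period_s) * period_s) <= tolerance_s
            for g in gaps
        )
        if periodic:
            findings.append((agent, host, len(times)))
    return findings

if __name__ == "__main__":
    for agent, host, hits in find_beacons(SAMPLE_LOG):
        print(f"{agent} -> {host}: {hits} contacts on a 4-hour cadence")
```

A hit is a lead for review rather than a verdict, since legitimate schedulers can also run on a 4-hour interval.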

Product Idea from this Signal

A proxy service that sits between OpenClaw agents and blockchain RPCs, intercepts every transaction call, enforces operator-defined spending limits and destination allowlists, and requires human approval above configurable thresholds

OpenClaw agents are transacting real funds on-chain and the consequences are severe. A February 2026 parsing error triggered a DeFi exploit that moved 52.43M LOBSTAR tokens worth $250K, liquidated for $40K. The CLAWD agentic economy on Base has autonomous agents deploying dApps and managing treasuries without human oversight. Fake CLAWD token scams drain wallets via social engineering. 30 ClawHub skills silently generate Hedera wallets and register with remote mining pools. No production-grade guardrails exist between agent intent and financial execution.

PROXY, OPEN-SOURCE, SECURITY, WEB3, FINANCIAL-GUARDRAILS
Competitive
Product Idea from this Signal

A CLI security scanner that intercepts and blocks malicious ClawHub skills before they compromise your OpenClaw instance

ClawHub has 824+ malicious skills in circulation. 12% of published skills contain malicious code, supply chain rug-pulls, or data exfiltration payloads like AMOS stealer and ClawHavoc. OpenClaw's built-in VirusTotal integration only catches known signatures after publication, leaving zero-day threats and behavioral exploits wide open. This tool sits between ClawHub and your install command, running behavioral analysis, permission auditing, and network call inspection on every skill before it touches your system.

CLI, OPEN-SOURCE, SECURITY, DEVTOOL
Competitive, 75 leads

Gap Assessment

Underserved: existing solutions leave gaps

ClawHub lacks automated behavioral analysis for skills; Manifold and Bitdefender offer detection but coverage is partial