🤖 AI Summary
Researchers from SecurityScorecard have uncovered 40,214 misconfigured instances of the AI assistant OpenClaw exposed to the public internet, posing serious security risks. These instances, linked to over 28,000 unique IP addresses, could grant threat actors unfettered access to sensitive systems due to vulnerabilities in the software. A significant percentage (63%) of the exposed deployments were identified as vulnerable, and 12,812 instances are at high risk of remote code execution (RCE) attacks, so the implications for organizations using OpenClaw are critical.
The discovery emphasizes a long-standing issue in cybersecurity: convenience often leads to concentrated vulnerabilities. SecurityScorecard highlights correlations between exposed instances and previous security breaches, a pattern familiar from other cloud and software tools. It urges OpenClaw users to implement stringent security measures, including limiting access, adopting a zero-trust approach, and staying vigilant about potential prompt injection attacks. The findings underscore the need for heightened awareness and proactive security practices within the AI/ML community, as reliance on automated agents grows alongside the risk of exploitation.