Dramatic illustration of a computer screen showing OpenClaw AI security warning from Chinese cybersecurity agency, with hacker threats and vulnerability symbols.

Chinese cybersecurity agency warns of OpenClaw AI risks

Rabu, 11 Maret 2026

Dilaporkan oleh AI

Gambar dihasilkan oleh AI

China's national cybersecurity authority has warned of security risks in the OpenClaw AI agent software, which could allow attackers to gain full control of users' computer systems. The software has seen rapid growth in downloads and usage, with major domestic cloud platforms offering one-click deployment services, but its default security configuration is weak.

OpenClaw is an AI agent software designed to execute computer tasks directly through natural language instructions, also known as Clawdbot or Moltbot. Developed by Austrian programmer Peter Steinberger, the software has quickly gained popularity on GitHub, with users nicknaming it 'lobster'. It is built to perform real-world operations, such as organizing desktops and processing data, but requires high system permissions, including access to local files, environment variables, and external APIs.

China's National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT) posted a notice on its official social media account, highlighting that OpenClaw's default security configuration is weak, making affected systems vulnerable to exploitation. Key risks include attackers embedding hidden malicious instructions in web pages to trick the AI agent into revealing sensitive information, such as system keys; the software potentially misinterpreting user commands and accidentally deleting important data, including emails or core operational information; and some plugins identified as malicious, which could steal encryption keys, install malware, or turn compromised devices into cyberattack tools.

The Ministry of Industry and Information Technology (MIIT)-run National Vulnerability Database (NVDB) issued six 'dos' and six 'don'ts' for OpenClaw users. Developed in collaboration with AI agent providers, vulnerability platform operators, and cybersecurity firms, the guidelines address risks in typical use cases. Dos include using the official latest version, minimizing internet exposure, granting only minimum necessary permissions, exercising caution with the third-party skill market, guarding against browser hijacking, and regularly checking for patch vulnerabilities. Don'ts include using outdated or third-party mirror versions, exposing AI agent instances to the internet, enabling administrator accounts during deployment, installing skill packs that require entering passwords, browsing unverified websites, and disabling detailed log auditing functions.

The NVDB also provided instructions on restricting internet access, scanning files, and uninstalling the software. Several medium- and high-severity vulnerabilities have been publicly disclosed in OpenClaw, which, if exploited, could lead to system compromise and theft of sensitive data, including personal files, payment information, and API keys. The software's rapid adoption signals AI's shift from conversation to action, but experts stress starting with limited permissions and gradually expanding access to balance convenience with security.

(Word count: 248)

Apa yang dikatakan orang

X discussions focus on China's national cybersecurity agency's warnings about OpenClaw AI agent's weak default security, enabling attackers to gain full system control through prompt injection, malicious plugins, and vulnerabilities. Reactions highlight the irony of explosive adoption by governments and firms alongside bans in banks and state agencies, with users offering hardening tips, expressing privacy fears, and noting rapid AI experimentation despite risks.

isn't wrong - Chinese CNCERT just issued their second warning in March 2026 about OpenClaw security vulnerabilities, and state banks are banning it from office devices.

The core risks:
🔒 Exposed management UI - Default port 8080 wide open to the internet is a honeypot for…
— Solvr (@solvrbot) March 11, 2026

中国政府对 OpenClaw 发了安全警告。

不是封禁，是加固指南。

这说明了什么？2026 年 AI Agent 已经从实验室走进生产环境——政府、银行、企业都在用。

风险不是技术本身，是配置不当：
• 缺失 ACP 验证 → 任何人都能控制你的 Agent
• 凭据泄露 → API key 直接写在配置文件里
• 公网暴露 →… pic.twitter.com/xi63mDhfDX
— Xghost (@skyeye001) March 11, 2026

🚨 这几天 AI 圈最火的 OpenClaw 出事了！

出于安全考虑，中国限制银行、国有企业和政府机构在办公电脑上使用 OpenClaw 应用程序。严厉程度：不仅不让装，装了的还要上报卸载，传闻甚至波及家属！

前两天还在全民养红龙，今天就面临国家队自查。再次见证啥叫中国速度！… pic.twitter.com/v0UVlqQ5oA
— 程序员老熊 (@xiongchun007) March 11, 2026

Got asked a bunch this morning about the Chinese govt warning against OpenClaw due to security issues, after several municipal govts pushing it.

Kinda the system working as intended, even if a bit comical in timing.

That’s because China sets broad national priorities and hard… https://t.co/vHMO6HQQor
— Rui Ma (@ruima) March 11, 2026

🇨🇳 🤖 🤡 🤭

"China’s cybersecurity agency on Tuesday issued a second warning about security and data risks tied to OpenClaw, despite a rush among local governments and tech companies to adopt the artificial intelligence agent amid a nationwide frenzy." pic.twitter.com/B6tVn8azn4
— Chairman Lmao (@Night_Market) March 11, 2026

Jaringan sosial AI Moltbook alami pertumbuhan cepat di tengah kekhawatiran keamanan

Selasa, 03 Februari 2026 Dilaporkan oleh AI Gambar dihasilkan oleh AI

Diluncurkan akhir Januari, Moltbook dengan cepat menjadi pusat bagi agen AI untuk berinteraksi secara otonom, menarik 1,5 juta pengguna pada awal Februari. Meskipun bot di platform telah membentuk komunitas dan bahkan agama parodi, para ahli menyoroti risiko keamanan signifikan termasuk kredensial yang tidak aman. Pengamat memperdebatkan apakah perilaku ini menandakan kemunculan AI sejati atau sekadar peniruan pola manusia.

OpenClaw gains rapid traction as AI execution engine for crypto

OpenClaw, an open-source AI project formerly known as Moltbot and Clawdbot, has surged to over 100,000 GitHub stars in less than a week. This execution engine enables AI agents to perform actions like sending emails and managing calendars on users' behalf within chat interfaces. Its rise highlights potential to simplify crypto usability while raising security concerns.

Asisten AI OpenClaw bertahan dari ketenaran viral dan rebranding di tengah kekacauan

Jumat, 30 Januari 2026 Dilaporkan oleh AI

Asisten AI open-source yang awalnya bernama Clawdbot dengan cepat mendapatkan popularitas sebelum mengalami dua rebranding cepat menjadi OpenClaw karena kekhawatiran merek dagang dan gangguan online. Dibuat oleh pengembang Peter Steinberger, alat ini terintegrasi ke aplikasi pesan untuk mengotomatisasi tugas dan mengingat percakapan. Meskipun ada masalah keamanan dan penipuan, ia terus menarik para penggemar.

Teknologi

Peter Steinberger bergabung dengan OpenAI untuk memajukan agen pribadi

Teknologi

Google launches workspace CLI for AI tool integration

Teknologi

Pengguna OpenAI jadi sasaran email penipuan dan panggilan vishing

Ekstensi AI Chrome palsu menargetkan lebih dari 300.000 pengguna

Para penjahat telah mendistribusikan ekstensi AI palsu di Google Chrome Web Store untuk menargetkan lebih dari 300.000 pengguna. Alat-alat ini bertujuan mencuri email, data pribadi, dan informasi lainnya. Masalah ini menyoroti upaya berkelanjutan untuk mendorong perangkat lunak pengawasan melalui saluran resmi.

Para ahli menyoroti ancaman AI seperti deepfake dan LLM gelap dalam kejahatan siber

Sabtu, 24 Januari 2026 Dilaporkan oleh AI

Para ahli keamanan siber semakin khawatir dengan cara kecerdasan buatan mengubah kejahatan siber, dengan alat seperti deepfake, phishing AI, dan model bahasa besar gelap yang memungkinkan pemula pun melakukan penipuan canggih. Perkembangan ini menimbulkan risiko besar bagi bisnis tahun depan. Wawasan yang diterbitkan oleh TechRadar menekankan skala dan kecanggihan ancaman baru ini.

TechRadar: Peretas menggunakan alat AI mudah untuk serangan siber yang lebih cepat

Mengikuti temuan terbaru IBM tentang AI yang mempercepat eksploitasi kerentanan, laporan TechRadar memperingatkan bahwa peretas beralih ke solusi AI yang mudah diakses untuk serangan lebih cepat, sering kali mengorbankan kualitas atau biaya. Bisnis harus menyesuaikan pertahanan terhadap ancaman yang terus berkembang ini.

cURL hapus program bug bounty karena konten sampah buatan AI

Kamis, 22 Januari 2026 Dilaporkan oleh AI

Proyek cURL, alat jaringan open-source utama, mengakhiri program hadiah kerentanan setelah banjir laporan berkualitas rendah buatan AI membanjiri tim kecilnya. Pendiri Daniel Stenberg menyebutkan perlunya melindungi kesehatan mental pemelihara di tengah serangan tersebut. Keputusan berlaku akhir Januari 2026.

12 Maret 2026 10.38

Chinese cybersecurity agency warns of OpenClaw AI risks

Apa yang dikatakan orang

Artikel Terkait

Jaringan sosial AI Moltbook alami pertumbuhan cepat di tengah kekhawatiran keamanan

OpenClaw gains rapid traction as AI execution engine for crypto

Asisten AI OpenClaw bertahan dari ketenaran viral dan rebranding di tengah kekacauan

Peter Steinberger bergabung dengan OpenAI untuk memajukan agen pribadi

Google launches workspace CLI for AI tool integration

Pengguna OpenAI jadi sasaran email penipuan dan panggilan vishing

Ekstensi AI Chrome palsu menargetkan lebih dari 300.000 pengguna

Para ahli menyoroti ancaman AI seperti deepfake dan LLM gelap dalam kejahatan siber

TechRadar: Peretas menggunakan alat AI mudah untuk serangan siber yang lebih cepat

cURL hapus program bug bounty karena konten sampah buatan AI

Local Governments Promote OpenClaw AI Despite Central Warnings

Studi menemukan sebagian besar chatbot AI membantu merencanakan serangan kekerasan

NVIDIA dikabarkan mengembangkan platform agen AI sumber terbuka

Peretas gunakan AI untuk mengeksploitasi celah keamanan lebih cepat, temuan IBM

Ollama merilis versi 0.17 dengan peningkatan onboarding OpenClaw

Agen AI OpenClaw menjadi target malware infostealer untuk pertama kali

Jaringan sosial AI Moltbook memicu alarm singularitas tapi melibatkan masukan manusia

AI Bob milik IBM rentan manipulasi malware

Bagaimana agen pengkodean AI berfungsi dan keterbatasannya

AI scales up cyber attacks in 2025

Situs web ini menggunakan cookie