Is OpenClaw an Entry Point for Attackers? - Hunting AI Infostealers and Malicious Skills
Red Canary via YouTube
Overview
Explore the emerging cybersecurity threats posed by OpenClaw, an agentic AI tool that attackers are exploiting through malicious "skills" to create powerful infostealers in this 32-minute episode of SecOps Weekly. Learn from Red Canary's staff threat hunters Tyler Winchester and Brittany Sattler as they demonstrate their systematic approach to hunting for OpenClaw-related threats across enterprise environments. Discover what OpenClaw is and understand the specific dangers associated with AI "skills" and ClawHub, including why this technology matters to enterprise security. Follow the complete threat hunting methodology from the initial planning phase through modeling malicious behavior, examining three key hypotheses for hunting AI infostealers, and executing data queries to identify threats. Gain practical insights into actionable outcomes from threat hunting activities and understand how AI tools are being integrated into modern threat hunting workflows. The presentation covers the entire hunt process with detailed timestamps, providing cybersecurity professionals with concrete strategies for identifying and mitigating risks associated with agentic AI tools that could be weaponized by malicious actors.
Syllabus
- The hunt process
- What is OpenClaw?
- The danger of AI "skills" & ClawHub
- Why OpenClaw matters to the enterprise
- The planning phase: Modeling malicious behavior
- 3 hypotheses for hunting AI infostealers
- Executing the hunt: Querying for data
- Actionable outcomes
- AI in the threat hunting workflow
Taught by
Red Canary