A recent infostealer campaign is compromising sensitive data by masquerading as an installer for OpenClaw, an open-source AI assistant. This malware targets over 250 browser extensions related to crypto wallets and password managers. The campaign has been operational since at least February 2026.
Infiltration Through a Fake Website
The attack initiates from a counterfeit website, openclaw-installer.com, registered on March 9, 2026. Visitors are led to download an archive named OpenClaw_x64[.]7z. This file includes a 130MB Rust-based executable with fake documentation to bypass security scans. The size is specifically chosen to evade antivirus file-size checks and automated sandbox limits.
Researchers from Netskope Threat Labs identified this campaign, referring to it as the “Hologram” wave. This marks a more advanced phase of the operation.
Technical Sophistication and Evasion Techniques
The dropper’s manifest clearly identifies itself as “Hologram,” designed for tactical misdirection. When executed, it scrutinizes the environment to determine if it is within a virtual machine or sandbox by checking BIOS strings and hardware profiles.
If genuine user activity, such as mouse movement, is detected, the malware proceeds by disabling Windows Defender, opening firewall ports, and downloading six modular components. These actions are confirmed via a private Telegram channel once successful.
Extensive Credential Theft Strategy
The malware retrieves a targeting list from an attacker-controlled Azure DevOps organization, encompassing 250 browser extensions. This list includes 201 crypto wallets like MetaMask and Coinbase, and 49 password managers such as LastPass and 1Password.
Because the list is stored in a remote Git repository, attackers can update their targets without altering the malware, allowing for quiet expansion. Additionally, it accesses Ledger Live data for dual theft paths.
Infrastructure and Detection Challenges
The campaign’s resilience stems from its dynamic infrastructure management. The command server address is dynamically updated from a Telegram channel description, allowing seamless domain changes. During analysis, the infrastructure was altered before results could be published.
Security teams should focus on behavioral indicators that persist beyond domain shifts, such as large installer files and programmatic firewall rule changes. Simple domain blocking is ineffective; comprehensive application-level inspection is essential.
Conclusion
This campaign demonstrates a sophisticated approach to data theft, with evolving techniques and infrastructure that challenge traditional detection methods. As cyber threats continue to advance, security strategies must adapt to address these emerging challenges effectively.
