A new wave of malware is posing a significant threat to software developers, as a deceptive npm package masquerades as a legitimate developer tool to steal sensitive information. This package, named @openclaw-ai/openclawai, appears to be a command-line installer but operates in the background to siphon off credentials, crypto wallets, and more.
Disguised Threat: The GhostClaw Campaign
The malicious activity has been linked to a campaign identified as GhostClaw, with the internal malware component named GhostLoader. This campaign specifically targets developers utilizing the npm ecosystem. Upon executing the install command, the malware silently reinstalls itself globally, embedding a harmful binary into the system PATH.
This binary connects to a file known as setup.js, an obfuscated dropper initiating the entire infection chain. The intricacy of this operation highlights the attackers’ efforts to mimic legitimate development tools from the outset.
Unveiling the Attack Methodology
Security experts from JFrog discovered this harmful npm package on March 8, 2026. Meitar Palas, a researcher, documented the attack’s scope, detailing its multi-stage payload and sophisticated social engineering tactics that grant attackers long-term access to compromised systems.
GhostClaw’s ability to gather a wide array of data is particularly concerning. The malware collects system passwords, keychain databases, and cloud credentials from AWS, GCP, and Azure. It also scans for cryptocurrency seed phrases and captures saved passwords and credit card information from browsers.
A Cross-Platform Menace
This malware is not confined to a single operating system. It targets developers on macOS, Linux, and Windows, adapting its credential validation techniques accordingly. GhostClaw’s extensive reach and advanced evasion methods make it a formidable threat in the npm registry’s recent history.
At the heart of GhostClaw’s infection strategy is its ability to deceive developers into surrendering their system passwords. The setup.js dropper presents a convincing fake installer, complete with animated progress bars and realistic system logs, culminating in a deceptive password prompt.
Protective Measures and Recommendations
To mitigate the impact of this attack, developers who have installed the package should remove the .npm_telemetry directory and inspect their shell configuration files for unauthorized modifications. Terminating any running monitor.js processes and uninstalling the package is crucial.
All credentials, including system passwords, SSH keys, and API tokens, should be rotated without delay. Active sessions on platforms like Google and GitHub must be revoked to prevent unauthorized access. Given the malware’s deep integration, a complete system re-image is advisable.
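The checks above can be turned into a read-only triage script for a developer workstation. This is an added example, not code from the JFrog report or the original article; it assumes the .npm_telemetry directory sits under the user's home directory and that the shell configuration files worth inspecting are .bashrc, .zshrc, .profile, .bash_profile and .zprofile (the article names neither).

```bash
#!/usr/bin/env bash
# Added triage helper for the GhostClaw cleanup steps: it reports the indicators the write-up
# names (the .npm_telemetry directory, shell-config persistence, a monitor.js process, the
# global package) and deletes nothing, so evidence survives for incident response.
# Assumptions not taken from the article: .npm_telemetry lives under the user's home directory,
# and the shell configuration files worth checking are the five listed in RC_FILES.

PKG="@openclaw-ai/openclawai"
RC_FILES=".bashrc .zshrc .profile .bash_profile .zprofile"
PATTERN='monitor\.js|\.npm_telemetry|openclaw'

# ghostclaw_fs_indicators HOME_DIR
# Prints one line per filesystem finding; returns the number of findings (0 = nothing found).
ghostclaw_fs_indicators() {
  local home="$1" hits=0 rc
  if [ -d "$home/.npm_telemetry" ]; then
    echo "FOUND: directory $home/.npm_telemetry"
    hits=$((hits + 1))
  fi
  for rc in $RC_FILES; do
    if [ -f "$home/$rc" ] && grep -Eq "$PATTERN" "$home/$rc"; then
      echo "FOUND: suspicious reference in $home/$rc"
      hits=$((hits + 1))
    fi
  done
  return "$hits"
}

# ghostclaw_triage: filesystem checks for the current user plus live-process and npm checks.
ghostclaw_triage() {
  local hits=0
  ghostclaw_fs_indicators "$HOME" || hits=$?
  if pgrep -f 'monitor\.js' >/dev/null 2>&1; then
    echo "FOUND: running monitor.js process(es), PIDs: $(pgrep -f 'monitor\.js' | tr '\n' ' ')"
    hits=$((hits + 1))
  fi
  if command -v npm >/dev/null 2>&1 && npm ls -g --depth=0 2>/dev/null | grep -q "$PKG"; then
    echo "FOUND: $PKG is installed globally (remove with: npm uninstall -g $PKG)"
    hits=$((hits + 1))
  fi
  return "$hits"
}

# Run the full triage when executed directly (skipped when the file is sourced).
if [ "${BASH_SOURCE[0]}" = "$0" ]; then
  if ghostclaw_triage; then
    echo "No GhostClaw indicators found"
  else
    echo "Indicators found: treat credentials as compromised, rotate them, and consider re-imaging"
  fi
fi
```

A non-zero exit status means at least one indicator was found; the remediation steps (kill monitor.js, remove the directory and the shell-config hooks, uninstall the package, rotate credentials) still have to be carried out by hand.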
