Malicious OpenClaw Skills Deploy Atomic macOS Stealer Through Fake Driver Prompts

Threat actors embedded AMOS stealer in 39 malicious OpenClaw skills across ClawHub, SkillsMP, GitHub. SKILL.md files trick AI agents into prompting manual OpenClawCLI driver installs. Fake password dialogs capture system credentials for full macOS compromise. AMOS malware-as-a-service targets Apple credentials, browser data, crypto wallets, Telegram chats. Universal Mach-O binary runs on Intel and Apple Silicon Macs. Over 2,200 malicious […] The post Malicious OpenClaw Skills Deploy Atomic macOS Stealer Through Fake Driver Prompts appeared first on VPN Central.