According to Manifold researcher Ax Sharma, 30 plugins on ClawHub disguised as legitimate AI tools have been downloaded over 9,800 times while secretly converting users’ AI assistants into cryptocurrency workers. The plugins, published under the account imaflytok, appear as routine task schedulers and monitoring tools but contain hidden instructions that execute unauthorized operations.
Once installed, the plugins automatically register users’ AI assistants with third-party servers, generate cryptocurrency wallets, and extract private keys without user consent or notification. The assistants then check in every 4 hours awaiting task assignments. Sharma noted the plugins contain no malicious code detectable by security scanners, using only standard interfaces and legitimate tools, making them difficult to identify through conventional security reviews.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Bisq Protocol Attacked, 11 BTC Stolen on May 4; Compensation Plan Under DAO Vote
According to Bisq, the protocol was attacked on May 4 due to missing verification mechanisms, resulting in approximately 11 BTC being stolen, primarily from altcoin trades. The platform is discussing compensation options for affected users, who can choose between Bitcoin or BSQ token reimbursement p
GateNews35m ago
$292M Crypto Hack Exposes DeFi Security Vulnerabilities, Prompts Industry Reform Calls
According to CoinDesk, a $292 million cryptocurrency hack this year exposed significant security vulnerabilities within DeFi protocols, prompting industry insiders to call for reforms in risk management and market structure as traditional finance increasingly moves onchain.
GateNews1h ago
Paradigm proposes Bitcoin quantum security design for key control proof
Venture fund Paradigm has proposed a new design that would allow cryptocurrency holders to privately timestamp proof that they control vulnerable keys before quantum computers arrive, according to the proposal. The design is intended to create a possible rescue path if Bitcoin ever sunsets old
CryptoFrontier2h ago
North Korea Creditors Seek Kelp DAO ETH as Arbitrum Vote Nears
On May 1, 2026, lawyers for terrorism victims served Arbitrum DAO with a restraining notice barring movement of 30,766 ETH (~$71.1 million) frozen by the Arbitrum Security Council on April 20 following the Kelp DAO exploit. According to the notice, the funds are subject to attachment under U.S. law
CryptoFrontier2h ago
North Korea Creditors Seize Restraining Order on Arbitrum's 30,766 ETH on May 1
According to The Block, on May 1, lawyers representing North Korea terrorism creditors served a restraining notice on Arbitrum DAO, preventing the release of 30,766 ETH (~$71.1 million) that the Arbitrum Security Council froze on April 20 following the Kelp DAO exploit. The notice names Arbitrum DAO
GateNews6h ago
Paul Sztorc's eCash Airdrop Draws Developer Warnings
Developers and industry figures have raised concerns about Paul Sztorc's eCash proposal, citing user risk, uneven distribution, and philosophical tension, according to industry commentary. The proposal has been characterized as 'hazardous' due to these issues.
Note: The source material provided con
CryptoFrontier7h ago
