BTC $62,497.45 -0.48%
ETH $1,781.47 +0.13%
BNB $569.49 +0.26%
XRP $1.06 -0.79%
SOL $75.05 -1.08%
TRX $0.3248 -1.64%
DOGE $0.0718 -0.20%
ADA $0.1572 -1.06%
BCH $233.56 -1.05%
LINK $7.91 -0.10%
HYPE $63.10 -5.00%
AAVE $95.93 +1.65%
SUI $0.7227 -0.65%
XLM $0.1782 -2.51%
ZEC $504.87 -2.70%
BTC $62,497.45 -0.48%
ETH $1,781.47 +0.13%
BNB $569.49 +0.26%
XRP $1.06 -0.79%
SOL $75.05 -1.08%
TRX $0.3248 -1.64%
DOGE $0.0718 -0.20%
ADA $0.1572 -1.06%
BCH $233.56 -1.05%
LINK $7.91 -0.10%
HYPE $63.10 -5.00%
AAVE $95.93 +1.65%
SUI $0.7227 -0.65%
XLM $0.1782 -2.51%
ZEC $504.87 -2.70%

慢雾:ClawHub 开发者请注意钓鱼和凭据泄露风险

2026-03-13 11:57:56
收藏

ChainCatcher 消息,慢雾科技首席信息安全官 23pds 发文提醒称,ClawHub 开发者请注意钓鱼和凭据泄露风险。目前 ClawHub 依赖开发者 GitHub 一键登录,之前 Sha1-Hulud 蠕虫窃取大量开发者的 GitHub 凭据,攻击者可能会伺机攻击 Skills。

攻击路径为:凭证窃取→攻击者获取 GitHub 权限→以开发者身份登录 ClawHub→发布恶意 Skills 植入后门→用户下载安装后执行恶意代码导致系统入侵。

app_icon
ChainCatcher 与创新者共建Web3世界