AMOS Infostealer Targets macOS Through Popular AI Assistant Ecosystem

What happened

Threat actors are distributing the AMOS infostealer by poisoning the skill marketplace of the OpenClaw AI assistant ecosystem to compromise macOS systems. According to researchers, the campaign—known as ClawHavoc—involved attackers uploading malicious OpenClaw skills disguised as legitimate add-ons such as productivity tools, cryptocurrency utilities, and integrations for popular services. When installed, these malicious skills deployed the Atomic macOS Stealer (AMOS), enabling attackers to extract browser credentials, cryptocurrency wallet data, SSH keys, session cookies, and other sensitive information. 

AMOS operates as a credential-harvesting malware platform that enumerates system credential stores, browsers, and messaging applications to rapidly collect authentication data and transmit it to attacker-controlled infrastructure. The campaign exploited OpenClaw’s popularity as an AI assistant platform, leveraging user trust in marketplace extensions to facilitate malware installation and credential theft.

Who is affected

macOS users who installed malicious OpenClaw skills or AI assistant extensions are affected, as AMOS can harvest credentials, cryptocurrency wallet information, and authentication session data directly from compromised systems. 

Why CISOs should care

The use of AI assistant extension marketplaces to distribute infostealer malware highlights how trusted software ecosystems can become distribution channels for credential theft, increasing risk to enterprise identity security and access control. 

3 practical actions

  • Audit AI assistant extensions. Review installed OpenClaw skills and remove unauthorized or suspicious add-ons.
  • Monitor credential exposure indicators. Detect signs of credential harvesting, session theft, or unusual authentication activity.
  • Restrict extension installation. Limit installation of third-party extensions to vetted and approved sources only.

John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business for professional audiences.