-640x358.jpg&w=1200&q=75)
Cybersecurity researchers have warned that the viral AI assistant Clawdbot risks leaking private messages and credentials after misconfigured servers exposed sensitive data to the public.
Blockchain security firm SlowMist said it identified a Clawdbot “gateway exposure” that has put hundreds of API keys and private chat logs at risk across publicly accessible servers.
“Multiple unauthenticated instances are publicly accessible, and several code flaws may lead to credential theft and even remote code execution,”
SlowMist said.
“Hundreds of people have set up their Clawdbot control servers exposed to the public,”
Security researcher Jamieson O'Reilly said, adding that searching for “Clawdbot Control” returned hundreds of vulnerable servers within seconds.
Clawdbot is an open-source AI assistant built by developer Peter Steinberger that runs locally but connects large language models to messaging platforms via a web-based admin interface.
O’Reilly said the flaw allows access to API keys, bot tokens, OAuth secrets, signing keys, full chat histories and even command execution, warning users to audit configurations immediately.
The risks extend to crypto security, with Matvey Kukuy saying he extracted a private key via prompt injection in minutes, while SlowMist urged strict IP whitelisting to limit exposure.