And indeed, I have significant concerns about the risks installing Moltbot on your personal machine. Since agentic AI will autonomously perform tasks based on prompts, bad actors can take advantage of the situation by surreptitiously feeding those bots malicious prompts of their own. This is called prompt injection, and it can impact any type of agentic AI system, whether an AI browser, or an AI assistant like Moltbot.
As spotted by The Hacker News, Moltbot already has its first malicious extension, dubbed "Clawdbot Agent - AI Coding Assistant" ("clawdbot.clawdbot-agent.") It seems to have been developed before the bot's name change. This extension is designed for Visual Studio Code, Microsoft's open source AI code editor. What's worse, it was hosted on Microsoft's official Extension Marketplace, which no doubt gave it legitimacy to Moltbot users looking for a Visual Studio Code extension.
Luckily, Microsoft has already taken action. The extension is no longer available on the marketplace as of Tuesday. Moltbot has no official Visual Studio Code extension, so assume any you see are illegitimate at best, and malicious at worst. If you did install the extension, researchers have detailed instructions for removing the malware and blocingk any of its processes from running on your device. Of course, to first thing to do is uninstall the extension from Visual Studio Code immediately.
Moltbolt has more security issues too
Bad actors could use these instances for prompt injection: They could pretend to be a Moltbot user, and issue their own prompts to that user's Moltbot AI assistant, or manipulate existing prompts and responses. They could also upload malicious "skills," or specific collections of context and knowledge, to MoltHub and use them to attack users and steal their data.
To combat against this, The Hacker News recommends that all Moltbot users running with the default security configurations take the following steps:
check exposed credentials
look for any signs of attack
Or, you could do what I'm doing, and avoid Moltbot altogether.
Hence then, the article about moltbot formerly clawdbot already has a malware problem was published today ( ) and is available on Live Hacker ( Middle East ) The editorial team at PressBee has edited and verified it, and it may have been modified, fully republished, or quoted. You can read and follow the updates of this news or article from its original source.
Read More Details
Finally We wish PressBee provided you with enough information of ( Moltbot (Formerly Clawdbot) Already Has a Malware Problem )
Also on site :