socradar.io 3/10/2026, 1:53:27 PM

Fake OpenClaw npm Package Delivers GhostLoader via Postinstall

Primary source: research.jfrog.com

The JFrog report "GHOSTLOADER Malware Spreads Through Fake OpenClaw npm Package" describes a malicious npm package that masquerades as a command-line installer for an OpenClaw integration tool but actually deploys GhostLoader, an information-stealing malware framework. The package, published as @openclaw-ai/openclawai, appeared in the npm registry in early March 2026 and triggers a multi-stage infection that steals credentials, crypto wallets, browser data, and developer secrets while establishing a persistent remote access trojan (RAT).

The attack begins with a postinstall script that reinstalls the package globally, making the malicious command available in the system PATH. A staged payload is downloaded from a remote server and used to exfiltrate data, including macOS Keychain contents, passwords, cookies, seed phrases, SSH keys, and cloud credentials, with live browser session cloning cited as a particularly dangerous capability.

GhostLoader then maintains persistence via a hidden directory, startup commands in shell configuration files, scheduled tasks, and background operation, enabling ongoing access and control. According to SOCRadar, developers can mitigate risk by verifying package sources, reviewing install scripts, limiting privileges, using security scans, and rotating credentials if suspicious packages are installed.

10 March 2026.


Article by CyberSIXT