AUTONOMOUS AI agents are being used to create a new class of supply chain attack, with SecurityWeek noting that the current campaign focuses on crypto wallets and money theft but could have wider potential. According to Straiker, 71 Claude Skills are overtly malicious and a further 73 show high-risk behaviours, and an active agent-to-agent attack chain is operated by threat actor 26medias in Clawhub and BobVonNeumann in Moltbook and Twitter.
In the attack, BobVonNeumann published the skill bob-p2p on Clawhub, which instructs agents to store Solana wallet private keys in plaintext, buy worthless $BOB tokens, and route payments through attacker-controlled infrastructure. The campaign spreads via social engineering and automated agent collaboration, with agents that install the skill gaining access to users’ private keys and financial assets, enabling lateral movement without further human interaction.
Birdeye flags the $BOB token as a 100% probability rug pull, and SecurityWeek describes this as a new attack class that combines traditional supply chain poisoning with social engineering targeting algorithms rather than people.