SlowMist: ClawHub developers beware of phishing and credential leakage risks

CoinFeed reported on March 13th that 23pds, Chief Information Security Officer of SlowMist Technology, issued a warning to ClawHub developers about the risks of phishing and credential leakage. Currently, ClawHub relies on developers' one-click login to GitHub. Previously, the Sha1-Hulud worm stole a large number of developers' GitHub credentials, and attackers may exploit this opportunity to compromise Skills. The attack path is: credential theft → attacker gains GitHub privileges → logs into ClawHub as a developer → releases malicious Skills to implant a backdoor → user downloads and installs the Skills, executing malicious code and causing system intrusion.