What Happened
Security researchers have discovered over 40,000 OpenClaw instances running on the public internet without proper authentication or access controls. These instances are accessible to anyone and expose API keys, conversation history, and configuration data.
Why This Matters
If your OpenClaw instance is one of the exposed ones:
- Attackers can use your AI assistant and burn through your API credits
- Your API keys (OpenAI, Anthropic, etc.) can be stolen
- Your conversation history may be accessible
- Your instance could be used as a proxy for malicious purposes
How to Check If You Are Affected
If you self-host OpenClaw, check:
- Can you reach your instance from a public IP (for example, from a phone on mobile data, not your home Wi-Fi) without logging in?
- Are your API keys stored in plaintext in a config file that the instance serves or that anyone with access to the host can read?
- Is the instance behind a firewall that only allows the addresses you expect, rather than listening on every interface?
If you answered "yes" to the first question, you are exposed. A "yes" to the second means any compromise hands over your provider keys directly, and a "no" to the third means nothing stops the internet from reaching the port.
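The three checks above as a small triage script. This is an added example, not OpenClaw's own tooling, and it assumes a hypothetical JSON config with "bind", "port" and "api_keys" fields and an assumed unauthenticated status endpoint at "/api/status"; the sample config is constructed, and the key-prefix regex is a heuristic for OpenAI ("sk-") and Anthropic ("sk-ant-") style keys.

```python
# Added example (not OpenClaw's own code): triage a self-hosted instance for
# the three exposure conditions listed above. Assumptions, all hypothetical:
# the config is JSON with "bind", "port" and "api_keys" fields, and the
# unauthenticated probe is a plain GET of "/api/status" on the listener.
import ipaddress
import json
import re
import urllib.error
import urllib.request

# Constructed sample config, written the way a careless deployment would.
SAMPLE_CONFIG = """
{
  "bind": "0.0.0.0",
  "port": 8080,
  "api_keys": {
    "openai": "sk-proj-EXAMPLEEXAMPLEEXAMPLEEXAMPLE",
    "anthropic": "sk-ant-api03-EXAMPLEEXAMPLEEXAMPLE"
  }
}
"""

# Heuristic: prefixes that OpenAI ("sk-") and Anthropic ("sk-ant-") keys use.
KEY_PATTERN = re.compile(r"\bsk-(?:ant-)?[A-Za-z0-9_-]{16,}")


def bind_is_public(bind):
    """True when the listener accepts traffic on non-loopback interfaces.
    0.0.0.0 / :: / empty means every interface; a hostname is treated as
    public because we cannot tell where it resolves."""
    if bind in ("", "0.0.0.0", "::"):
        return True
    try:
        return not ipaddress.ip_address(bind).is_loopback
    except ValueError:
        return True


def find_plaintext_keys(config_text):
    """Return provider keys stored verbatim in the config, redacted to
    prefix + last 4 characters so the report itself does not leak them."""
    return [k[:7] + "..." + k[-4:] for k in KEY_PATTERN.findall(config_text)]


def probe_unauthenticated(base_url, path="/api/status", timeout=3):
    """GET the assumed status endpoint with no credentials, from OUTSIDE the
    host. Returns the HTTP status (2xx/3xx means anonymous access works,
    401/403 means auth is enforced) or None when the port is unreachable,
    which is what a correctly configured firewall looks like."""
    try:
        with urllib.request.urlopen(base_url + path, timeout=timeout) as r:
            return r.status
    except urllib.error.HTTPError as e:
        return e.code
    except (urllib.error.URLError, OSError):
        return None


def triage(config_text, probe_status):
    """Combine the three checks into one verdict. probe_status is whatever
    probe_unauthenticated() returned when run from another network."""
    cfg = json.loads(config_text)
    findings = []
    if bind_is_public(cfg.get("bind", "")):
        findings.append("listener bound to a non-loopback address")
    keys = find_plaintext_keys(config_text)
    if keys:
        findings.append("plaintext provider keys in config: " + ", ".join(keys))
    anonymous_ok = probe_status is not None and probe_status < 400
    if anonymous_ok:
        findings.append(f"unauthenticated request from outside returned HTTP {probe_status}")
    # Question 1 is the decisive one: reachable without login means exposed.
    return {"exposed": anonymous_ok, "findings": findings}


if __name__ == "__main__":
    cfg = json.loads(SAMPLE_CONFIG)
    # Replace 203.0.113.5 with your host's public IP and run from another
    # network (203.0.113.0/24 is a documentation range, so this times out).
    status = probe_unauthenticated(f"http://203.0.113.5:{cfg['port']}")
    print(json.dumps(triage(SAMPLE_CONFIG, status), indent=2))
```

Run the probe from a network you do not control (mobile data is the easy one); a 200 from the loopback address proves nothing, because the point of question 1 is reachability from the public internet. A None result only means that one path was blocked, so still fix the bind address and plaintext keys if the other two findings fire.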
The Fix
Either secure your self-hosted instance properly (bind it to localhost, put it behind a reverse proxy or the built-in login that requires authentication, keep API keys out of world-readable config, and firewall the port so only the addresses you expect can reach it), or switch to a managed service like ClawMate where security is handled for you.
With ClawMate, your assistant runs in an isolated environment with encryption, access control, and automatic security updates. No exposed ports, no public configuration files, and a far smaller attack surface to worry about.