GhostClaw Malware Targets macOS Users to Steal Crypto Wallets


Security researchers have identified a sophisticated new malware strain named GhostClaw, which specifically targets macOS users to compromise cryptocurrency assets and sensitive developer data. Disguised as a legitimate command-line tool, the malicious software was distributed through the npm registry and GitHub, leading to the infection of nearly 200 developers within a single week. The attack underscores the growing trend of supply chain threats aimed at the decentralized finance (DeFi) and blockchain sectors.

Mechanism of the GhostClaw Supply Chain Attack

The campaign began on March 3, 2026, when a package mimicking the OpenClaw CLI tool was uploaded to the npm repository by an account named "openclaw-ai." Before its removal on March 10, the package was downloaded by 178 developers. Once installed, the malware initiates a two-stage infection process via a payload known as GhostLoader. This loader facilitates remote access and persistent data exfiltration.

The malware’s primary objective is the theft of private keys, mnemonic phrases, and wallet access credentials. To achieve this, GhostClaw implements a persistent monitoring system that scans the system clipboard every three seconds. This allows the attackers to intercept sensitive transaction data or recovery seeds the moment a user copies them.

Scope of Data Compromise and Distribution Methods

Beyond cryptocurrency wallets, GhostClaw is designed to harvest a wide array of sensitive information from infected macOS systems. The stolen data is typically routed to attackers via Telegram, GoFile, and dedicated command-and-control (C2) servers. The list of targeted assets includes:

  • macOS Keychain passwords and cloud service credentials.
  • SSH keys used for remote server management.
  • AI configurations and development environment variables.
  • Active sessions for browser-based cryptocurrency extensions.

In a parallel development, security firm OX Security discovered a social engineering scheme on GitHub linked to the same threat actors. Developers are lured with the promise of "CLAW tokens" to visit a fraudulent OpenClaw website, which serves as an additional entry point for the malware.

Security Implications for the Crypto Community

The GhostClaw incident highlights the vulnerabilities inherent in open-source ecosystems like npm and GitHub. By targeting developers, attackers gain a foothold in environments where high-value private keys and API secrets are often stored. Industry experts advise macOS users and blockchain developers to exercise caution when installing new CLI tools and to utilize hardware wallets for storing significant digital asset holdings.
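The lookalike-package vector described under "Mechanism of the GhostClaw Supply Chain Attack" and the advice just above to vet new CLI tools before installing them can be turned into a routine lockfile audit. The script below is an added example written for this article, not code from the article or from any project it names. It reads an npm `package-lock.json` (v2/v3 layout, where entries are keyed by `node_modules/...` paths), flags dependency names that resemble a trusted tool name (substring match or edit distance of two or less), and flags packages whose lockfile entry carries `hasInstallScript`, the field npm records for packages that declare install lifecycle scripts. The sample lockfile, the trusted-name list and the lookalike names in it are constructed for illustration and are not indicators from the campaign.

```python
import json
import sys
from typing import Dict, List, Optional, Tuple

# Constructed sample lockfile (npm lockfile v3 layout). Package names other than
# the trusted one are invented for this example; nothing here is a real IoC.
SAMPLE_LOCK: Dict = {
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "dependencies": {"openclaw-cli": "^1.0.0"}},
        "node_modules/openclaw": {"version": "2.1.0"},
        "node_modules/openclaw-cli": {"version": "1.0.0", "hasInstallScript": True},
        "node_modules/openclw": {"version": "0.0.1"},
        "node_modules/lodash": {"version": "4.17.21"},
    },
}


def levenshtein(a: str, b: str) -> int:
    """Edit distance with insert, delete and substitute; O(len(a) * len(b))."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def bare_name(pkg_path: str) -> str:
    """Lockfile keys are install paths; the package name follows the last 'node_modules/'."""
    return pkg_path.rsplit("node_modules/", 1)[-1]


def lookalike_of(name: str, trusted: List[str], max_distance: int = 2) -> Optional[str]:
    """Return the trusted name this package resembles, or None if it is exact or unrelated."""
    unscoped = name.split("/")[-1].lower()          # drop an @scope/ prefix for comparison
    trusted_low = [t.lower() for t in trusted]
    if unscoped in trusted_low:
        return None                                  # the genuine package itself
    for t in trusted_low:
        if t in unscoped or levenshtein(unscoped, t) <= max_distance:
            return t
    return None


def audit_lockfile(lock: Dict, trusted: List[str]) -> List[Tuple[str, str]]:
    """Return (package, reason) findings for lookalike names and install-script packages."""
    findings: List[Tuple[str, str]] = []
    for path, meta in lock.get("packages", {}).items():
        name = bare_name(path)
        if not name:
            continue                                 # "" is the root project entry
        hit = lookalike_of(name, trusted)
        if hit:
            findings.append((name, f"name resembles trusted package '{hit}'"))
        if meta.get("hasInstallScript"):
            findings.append((name, "runs an npm install lifecycle script"))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python audit_lock.py [path/to/package-lock.json] trusted-name ...
    # With no arguments the constructed sample above is audited against "openclaw".
    if len(sys.argv) > 2:
        with open(sys.argv[1], encoding="utf-8") as fh:
            lock = json.load(fh)
        trusted_names = sys.argv[2:]
    else:
        lock, trusted_names = SAMPLE_LOCK, ["openclaw"]
    for pkg, reason in audit_lockfile(lock, trusted_names):
        print(f"REVIEW {pkg}: {reason}")
```

The output is a review list, not a verdict: a legitimate plugin such as a hypothetical `<trusted>-plugin-foo` would also match the substring rule, and a package can be hostile without declaring an install script at all, since the payload can run the first time the CLI itself is invoked. Lockfile v1 files keep dependencies under a `dependencies` map instead of `packages` and would need a separate walk.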

The rapid removal of the malicious package suggests that while automated registry monitoring is improving, the initial seven-day window was sufficient for the attackers to compromise dozens of targets. As of late March 2026, security teams continue to monitor for variations of the GhostLoader payload in the wild.
