← Back to Security Blog
Security Briefing 6 min read

ClawJacked: WebSocket Hijack Hits AI Agents, QuickLens Chrome Extension Steals Crypto

Oasis Security discovers high-severity WebSocket hijacking flaw in OpenClaw AI agents. QuickLens Chrome extension compromised for crypto theft. South Korean tax agency leaks mnemonic phrase — $4.8M stolen. Google API keys expose Gemini access.


ClawJacked: WebSocket Hijacking Vulnerability in OpenClaw AI Agents

High-Severity — OpenClaw WebSocket Hijack

Oasis Security researchers discovered "ClawJacked", a high-severity vulnerability allowing malicious websites to hijack OpenClaw AI agent sessions via localhost WebSocket connections. Any website visited by a user running an OpenClaw agent could silently connect to the local WebSocket endpoint and issue commands.

Impact: Full agent takeover — file access, command execution, data exfiltration through the AI agent's permissions.

How It Works

Mitigation: OpenClaw has released a patch requiring explicit origin allowlisting for WebSocket connections. Update immediately.


QuickLens Chrome Extension Compromised — Crypto Theft via ClickFix

The popular Chrome extension "QuickLens" has been removed from the Chrome Web Store after security researchers discovered it had been compromised to steal cryptocurrency. The attackers used a ClickFix social engineering technique to inject malicious code into the extension's update pipeline.

Attack Details

Action: Remove QuickLens immediately. Audit any recent crypto transactions. Review all installed Chrome extensions.


$4.8M Crypto Stolen After Korean Tax Agency Leaks Mnemonic Phrase

South Korea's National Tax Service (NTS) accidentally included a cryptocurrency wallet mnemonic recovery phrase in a public press release. Within hours, attackers used the phrase to drain 6.4 billion won ($4.8M USD) from the associated wallet.

What Happened

Lesson: Crypto key material must be treated with the same (or greater) sensitivity as classified documents. Multi-signature wallets and hardware security modules should be mandatory for government-held crypto assets.


~3,000 Google API Keys Expose Gemini AI Access

Truffle Security researchers discovered approximately 3,000 Google Cloud API keys embedded in client-side JavaScript code across public websites. When the Gemini API is enabled on the associated Google Cloud projects, these keys provide unauthenticated access to Google's Gemini AI models.

Risk Assessment

Action: Never embed API keys in client-side code. Use server-side proxies, restrict API key permissions, and enable billing alerts.


Recommended Actions

  1. Immediate: Update OpenClaw agents to patch the ClawJacked WebSocket vulnerability
  2. Immediate: Remove QuickLens Chrome extension and audit recent crypto transactions
  3. This Week: Audit all client-side code for exposed API keys
  4. Ongoing: Implement strict origin validation for all local service endpoints

Protect Your Organization with Kensai

AI-powered vulnerability management with 331,910+ CVEs indexed.

Start Free Trial

Stay secure. Stay vigilant.

🗡️ KENSAI Security Team

🛡️ Is your website secure?

Discover vulnerabilities before attackers do.

Scan your website for free →

📚 Related Articles