nickthegreek 3 hours ago

The 135k number appears to be pulled out of thin air? No idea where the 65% comes from. The command the post gives to list paired devices isn't correct. These are red flags.

TZubiri an hour ago

It's pretty reasonable though, a lot of OpenClaw instances are hosted on a VPS, this is not unsafe.

My interpretation is that 135k instances are vulnerable, but of those there are more conditions that need to be met, specifically:

These need to be multi-user systems where there are users with 'basic pairing' privileges. Which I don't think is very common, most instances are single-user.

So way less than the 135k number. I think a more accurate title would have been "If you're running OpenClaw, you are probably vulnerable" but not "you probably got hacked", that's just outright false and there's no evidence that the exposed users were ALL hacked.