GachiLoader adopts AI skill lure
GachiLoader is a malware campaign that uses AI agent skill formats as a social engineering lure, distributing malicious payloads via fake OpenClaw skills. The skills themselves contain no malicious code but trick users into downloading Windows binaries. The campaign uses a fake GitHub infrastructure to host GachiLoader, which delivers the Rhadamanthys infostealer through fileless injection. Delivery mechanisms include Node.js Single Executable Applications and an Electron dropper, both leading to the same payload. GachiLoader employs advanced evasion techniques such as anti-VM checks, sandbox detection, and privilege escalation. It also uses a Polygon blockchain smart contract as a command and control resolver to enhance persistence and obfuscation. No known exploits in the wild have been reported, and no patches or official fixes are available. The campaign relies heavily on social engineering rather than exploiting software vulnerabilities.
AI Analysis (machine-generated threat intelligence)
Technical Summary
This threat involves the GachiLoader malware campaign exploiting AI agent skill formats, specifically fake OpenClaw skills, as a novel social engineering vector to distribute malicious Windows binaries. The campaign uses a fake GitHub infrastructure to host GachiLoader, which delivers the Rhadamanthys infostealer via fileless injection. Two delivery methods are used: Node.js Single Executable Applications and an Electron dropper. GachiLoader incorporates sophisticated evasion techniques including anti-virtual machine checks, sandbox detection, privilege escalation, and uses a Polygon blockchain smart contract for command and control resolution, enhancing its persistence and obfuscation capabilities. The skills themselves do not contain malicious code but trick users into executing malicious binaries. There is no CVE or patch information associated with this threat, and no known exploits in the wild have been documented.
Potential Impact
The impact of this threat is the potential compromise of Windows systems through social engineering that leads to the execution of malicious binaries. Once executed, the Rhadamanthys infostealer can exfiltrate sensitive information. The malware’s use of fileless injection and advanced evasion techniques makes detection and mitigation more challenging. The use of blockchain-based C2 infrastructure increases the difficulty of disrupting the attacker’s control mechanisms. However, since the attack relies on user interaction to download and run binaries, the risk can be mitigated by user awareness and cautious behavior.
Mitigation Recommendations
There is no official patch or fix available for this threat. Mitigation should focus on user education to recognize and avoid social engineering lures, especially those involving AI agent skills or fake repositories. Organizations should implement controls to restrict execution of untrusted binaries and monitor for suspicious Node.js and Electron application behaviors. Endpoint detection solutions capable of identifying fileless injection and privilege escalation attempts may help detect this threat. Since the malware uses blockchain-based C2, network monitoring for unusual blockchain-related traffic may provide additional detection opportunities. Patch status is not yet confirmed — check vendor advisories and threat intelligence sources for updates.
Indicators of Compromise
The source pulse lists nine SHA-256 file hashes and one domain indicator; the raw values are omitted here.
Technical Details
- Author: AlienVault
- TLP: white
- References: https://www.threatdown.com/blog/gachiloader-adopts-ai-skill-lure-from-fake-openclaw-readme-to-rhadamanthys-infostealer/
- Adversary: not specified
- Pulse Id: 69f16bcf526f3511990485b6
- Threat Score: not specified
Threat ID: 69f1aa6acbff5d8610b46006
Added to database: 4/29/2026, 6:51:22 AM
Last enriched: 4/29/2026, 7:08:42 AM
Last updated: 4/29/2026, 8:55:55 PM