After Google's Wiz exposed 'Moltbook hacking', China warns its biggest cloud services providers: 'You should...'

A day after Google-acquired cybersecurity company Wiz revealed that Moltbook, a social media platform for Moltbots (or AI agents) has leaked the personal information like API tokens and emails, China’s Ministry of Industry and Information Technology (MIIT) issued a high-level security alert, warning domestic enterprises and developers of “significant security risks” associated with the deployment of autonomous AI agents. According to a report by news agency Reuters, the MIIT alert specifically pointed to OpenClaw (also known as Moltbot or Clawdbot) that improper configurations and default settings in these autonomous agents may serve as a gateway for large-scale cyberattacks and sensitive data leaks. Moltbook has seen its popularity grow exponentially, and Chinese technology enthusiasts, with cloud service providers are rushing to offer hosting solutions. China's largest cloud service providers, including Alibaba Alicloud and Tencent Cloud, and Baidu have even launched services allowing users to rent servers to run OpenClaw remotely.However, the ministry cautioned that organisations deploying OpenClaw must conduct thorough audits of public network exposure, implement robust identity authentication and access controls.The first alarm was first raised by Wiz, the cybersecurity firm currently being acquired by Google (Alphabet). In a detailed research report, Wiz revealed that Moltbook had unknowingly left a database entirely public, allowing full read and write access to the platform’s core data.It explained that 1.5 Million API tokens, which are critical credentials, were accessible that allow attackers to hijack AI agents and gain access to the third-party services. Furthermore, over 35,000 personal email addresses human “owners” of the bots were also leaked.Moreover, private messages between AI agents that contained sensitive context about their owners' daily lives and proprietary code snippets were also leaked.The Moltbook disaster has placed the trend of “Vibe Coding” under scrutiny with Wiz co-founder Ami Luttwak was blunt about the trade-off. “As we see over and over again with vibe coding, although it runs very fast, many times people forget the basics of security,” Luttwak noted. He explained that because the AI followed the "vibe" of building a social network quickly, it neglected fundamental identity verification and security guardrails.