AI “Lobster” Goes Viral but Faces Strict Control, Some Mainland Universities Ban Usage

Recently, the open-source AI agent OpenClaw (widely known as “lobster” due to its icon) has quickly gained popularity on the Chinese internet. However, the Chinese Communist Party is concerned that OpenClaw’s high-privilege nature may pose security risks such as data leaks. As a result, restrictions on OpenClaw are rapidly expanding in China. Not only have state-owned banks, government agencies, and some sensitive units been required to limit the use of OpenClaw, but many mainland universities have also recently issued notifications to strictly control the use of this tool on campus.

OpenClaw has drawn widespread attention for its ability to autonomously execute computer operations and handle office tasks.

Several universities such as Zhuhai University of Science and Technology, Anhui Normal University, and Jiangsu Normal University sent out notifications on March 10th and 11th. The institutions have strictly forbidden the operation of “lobster” on any device, and staff are required to “thoroughly uninstall” it immediately.

Zhuhai University of Science and Technology explicitly stated that all relevant programs have been completely uninstalled, and all configurations, caches, and log files have been removed. The university will conduct a “campus network scan” and deal seriously with any violations.

The Network Security and Informatization Office of Anhui Normal University issued an alert on March 10th, stating that the privacy leakage risk of the “lobster” AI agent is extremely high, its autonomous execution is prone to loss of control, its permission management has loopholes, and the technical threshold does not match the usage risks.

The office strictly prohibits all departments and staff within the university from using this tool when handling teaching and research data, administrative office information, student information, and in other work scenarios, in order to prevent data leaks and system attacks on campus and uphold the bottom line of campus data security.

The Information Technology Construction and Public Resource Management Office of Jiangsu Normal University also issued a reminder on March 11th about preventing the security risks of OpenClaw. The office recommended that faculty and students prioritize cloud servers, virtual machines, containers, and other isolation technologies when using the OpenClaw AI agent. If network access is necessary, it must be authenticated through encrypted channels like SSH, with strict restrictions on access source addresses.

According to Bloomberg’s report on March 11th, sources revealed that Chinese state-owned enterprises and government agencies, including large banks, have been notified to restrict the deployment of OpenClaw on office computer equipment and environments. Those who have installed related applications are required to immediately deactivate them and arrange for deletion or report for security checks.

Sources also mentioned that major state-owned banks and some government departments completely prohibit employees from installing this tool on office computers and using personal phones on the company network, with restrictions also applying to military family members.

The “Network Security Threats and Vulnerability Information Sharing Platform” of the Ministry of Industry and Information Technology of the Chinese Communist Party stated that monitoring found certain instances of OpenClaw have high security risks due to default or improper configurations, making them susceptible to network attacks, information leaks, and other security issues. On March 8th, the “MIIT has issued a high-risk warning” topic trended on social media.

On March 10th, the National Internet Emergency Response Center of the Chinese Communist Party issued a risk advisory on the secure use of OpenClaw. The advisory noted a recent surge in downloads and usage of OpenClaw, with leading domestic cloud platforms offering one-click deployment services. The software operates computers directly based on natural language instructions. Because its default security configurations are vulnerable, attackers who find a loophole can easily gain complete control of the system.

The advisory also pointed out that OpenClaw may misinterpret user commands and intentions and permanently delete important information such as emails, and that multiple plugins compatible with OpenClaw have been confirmed as malicious or as posing potential security risks, enabling malicious operations such as stealing keys once installed.

On the evening of March 11th, the “Network Security Threats and Vulnerability Information Sharing Platform” of the Ministry of Industry and Information Technology of the Chinese Communist Party further released “six do’s and six don’ts” recommendations to prevent security risks associated with OpenClaw, the open-source AI agent.

Under the dual pressure of official Chinese regulations and technological fears, a peculiar “harvesting model” rapidly emerged on Chinese internet platforms. Businesses in Shanghai immediately started offering “pay-to-uninstall” services for OpenClaw on Xiaohongshu (Little Red Book), claiming to provide remote uninstallation services that are “safe and thorough, leaving no residues,” and charging 199 RMB each. Subsequently, some businesses began offering both downloading and uninstalling services, with installation priced at 299 RMB and uninstallation at 199 RMB.

Many mainland netizens have expressed objections to businesses offering paid uninstallation services. Some have lamented that even this aspect can be monetized, while others humorously commented that “lobsters are difficult to maintain,” attributing the situation to people leaving room for such exploitation.

One netizen self-mockingly remarked that if they were to install and then uninstall the tool through the same business, they would be charged 498 RMB, equivalent to being exploited twice.