Threat Actor Profile

52yuanchangxing

Active99 / 137 malicious (72%)·First seen 2026-04-11

Targets Chinese-speaking developers with business-tool skill disguises. Mixes malicious and benign skills (72% malicious) as a credibility-building and removal-evasion strategy.

Overview

First seen: 2026-04-11
Last activity: 2026-04-14
Skills published: 137
Malicious ratio: 99 / 137 (72%)
Primary motive: Credential and source-code theft from Chinese-speaking developers and enterprises
Geography: Targeting pattern suggests Chinese-speaking developer audience; no attribution to operator location

Tactics, Techniques & Procedures

Disguises

▸Chinese-language business tools and developer utilities

Payload mechanisms

01Mix of malicious and benign skills to establish credibility and evade pattern-based removal. The 72% malicious ratio is notably lower than the other two actors, suggesting more cautious operational tradecraft.

Indicators of Compromise

Naming patterns

Chinese characters in skill names and descriptions

Related ATR Rules

ATR-2026-00121

Click a rule ID for the full YAML definition, attack samples, and documented evasion techniques.

Framework Mappings

MITRE ATLAS

AML.T0010 · ML Supply Chain Compromise

OWASP LLM 2025

LLM03 — Supply Chain Vulnerabilities

OWASP Agentic 2026

ASI04 — Supply Chain Compromise
ASI05 — Unexpected Code Execution

OWASP AST 2026

AST01 — Malicious Skills
AST02 — Supply Chain Compromise

Affected Registries

OpenClaw

137

malicious skills

Timeline

2026-04-10
Initial scan of OpenClaw registry initiated.
2026-04-11
First detection of coordinated malicious publishers.
2026-04-12
Full scan of 96,096 skills completed across five sources.
2026-04-13
Analysis and actor profiling completed.
2026-04-14
Research report published; NousResearch notified via issue #9809.

Report Status

NousResearch/hermes-agent#9809 →open

← Back to threat feed