DigitalOcean, OVH and AWS: Moltbot Operators Leak Control Panels via Exposed mDNS Traffic

Moltbot Framework Exposes 1,400+ Instances via mDNS Misconfigurations

Security researchers have uncovered a widespread exposure of 1,487 Moltbot instances globally, leaking sensitive operational metadata and messaging platform credentials through misconfigured multicast DNS (mDNS) broadcasts. The open-source framework, designed for autonomous agent orchestration, inadvertently disclosed system-level details including hostnames, filesystem paths, service ports, and identity artifacts to any device on the same network segment.

Key Findings

  • Exposed Data: Full machine hostnames, Clawdbot Control panel ports (18789), SSH ports, internal IPs, and messaging platform credentials (Signal, Telegram, WhatsApp) containing registration secrets and identity keys.
  • Geographic Spread: Instances were found across 53 countries, with the highest concentration in the U.S. Major hosting providers included DigitalOcean, AWS, and OVH.
  • Accessible Control Panels: 88 instances had publicly exposed web interfaces, with 66 leaking both mDNS and web access simultaneously.
  • Credential Leakage: Open directory listings revealed operational logs, cryptographic material, and runtime caches, enabling full agent impersonation without exploiting vulnerabilities.
  • Network Reconnaissance: mDNS broadcasts, intended for local service discovery, acted as pre-authentication metadata leaks, exposing systems in workplace Wi-Fi, co-working spaces, and university networks.

Deployment Failures & Attack Surface

The exposure stems from poor deployment hygiene rather than software flaws. Many instances self-announced internal structures via mDNS, providing attackers with reconnaissance data without active probing. A dedicated honeypot with 25 open ports suggested early attacker interest, while 635 accessible web control interfaces further expanded the attack surface.

The combination of service advertisements, open directories, and credential leaks creates pre-authentication compromise risks, allowing adversaries to bypass authentication, hijack agent identities, or conduct phishing and lateral movement attacks. The findings highlight systemic misconfigurations in Moltbot deployments, where operators often overlook mDNS implications and basic access controls.
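As an added example (not code from the report or from the Moltbot project), the following Python audit parses an mDNS/DNS-SD response the way a defender would when checking what a host announces on its own network segment: it decodes SRV and TXT records, including compressed names, and flags the disclosures listed above (the advertised hostname, filesystem paths in TXT values, and the 18789 control-panel or SSH ports). The service name, hostname and TXT keys in the sample packet are constructed for the example, not captured traffic.

```python
import struct
def read_name(pkt, off):
    """Decode a DNS name at off, following 0xC0 compression pointers; returns (name, end_off)."""
    labels, end = [], None
    while pkt[off] != 0:
        if pkt[off] >= 0xC0:                       # compression pointer: remember where we were, then jump
            end = off + 2 if end is None else end
            off = struct.unpack('!H', pkt[off:off + 2])[0] & 0x3FFF
        else:
            labels.append(pkt[off + 1:off + 1 + pkt[off]].decode('utf-8', 'replace'))
            off += 1 + pkt[off]
    return '.'.join(labels), (off + 1 if end is None else end)
def parse_records(pkt):
    """Yield (name, type, data) for each SRV and TXT record in an mDNS response packet."""
    _, an, ns, ar = struct.unpack('!4H', pkt[4:12])  # mDNS responses carry no question section (RFC 6762 s.6)
    off = 12
    for _ in range(an + ns + ar):
        name, off = read_name(pkt, off)
        rtype, _, _, rdlen = struct.unpack('!HHIH', pkt[off:off + 10])
        start, off = off + 10, off + 10 + rdlen
        if rtype == 33:                            # SRV rdata: priority, weight, port, target hostname
            port = struct.unpack('!H', pkt[start + 4:start + 6])[0]
            yield name, 'SRV', {'port': port, 'host': read_name(pkt, start + 6)[0]}
        elif rtype == 16:                          # TXT rdata: sequence of <len><key=value> strings
            txt, i = {}, start
            while i < off:
                k, _, v = pkt[i + 1:i + 1 + pkt[i]].decode('utf-8', 'replace').partition('=')
                txt[k], i = v, i + 1 + pkt[i]
            yield name, 'TXT', txt
SENSITIVE_PORTS = {18789: 'control panel', 22: 'SSH'}  # 18789 is the panel port named in the report
def audit(pkt):
    """Return findings for metadata a host should not be broadcasting to its network segment."""
    findings = []
    for name, rtype, data in parse_records(pkt):
        if rtype == 'SRV':
            findings.append(f'{name}: discloses hostname {data["host"]}')
            if data['port'] in SENSITIVE_PORTS:
                findings.append(f'{name}: advertises {SENSITIVE_PORTS[data["port"]]} port {data["port"]}')
        else:
            for k, v in data.items():
                if v.startswith(('/', '~/')):
                    findings.append(f'{name}: TXT key {k} leaks filesystem path {v}')
    return findings
# Constructed sample (not real traffic): SRV + TXT for a hypothetical "_agent._tcp" service; the TXT owner
# name is a compression pointer (0xC00C) back to the service name at offset 12, as real responders emit.
_name = lambda s: b''.join(bytes([len(l)]) + l.encode() for l in s.split('.')) + b'\0'
_rr = lambda name, rtype, rdata: name + struct.pack('!HHIH', rtype, 1, 120, len(rdata)) + rdata
SAMPLE = (struct.pack('!6H', 0, 0x8400, 0, 2, 0, 0)
          + _rr(_name('agent._agent._tcp.local'), 33, struct.pack('!HHH', 0, 0, 18789) + _name('ops-box.local'))
          + _rr(b'\xc0\x0c', 16, b'\x0fpath=/srv/agent\x0dhome=~/.agent'))
```

Running `audit(SAMPLE)` on a packet captured from the host's own interface (for example via a raw socket bound to 224.0.0.251:5353) shows exactly what the machine is volunteering to every neighbour on the segment.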

Source: https://cyberpress.org/moltbot-operators-leak-control-panels-via-exposed-mdns-traffic/

AWS Partners cybersecurity rating report: https://www.rankiteo.com/company/aws-partners

DigitalOcean cybersecurity rating report: https://www.rankiteo.com/company/digitalocean

OVHcloud cybersecurity rating report: https://www.rankiteo.com/company/ovhgroup

"id": "AWSDIGOVH1769784401",
"linkid": "aws-partners, digitalocean, ovhgroup",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'location': '53 countries (highest concentration in '
                                    'the U.S.)',
                        'name': 'Moltbot Framework Users',
                        'type': 'Organizations/Individuals'}],
 'attack_vector': 'mDNS Broadcasts',
 'data_breach': {'file_types_exposed': 'Logs, cryptographic material, runtime '
                                       'caches',
                 'number_of_records_exposed': '1,487 instances',
                 'personally_identifiable_information': 'Hostnames, identity '
                                                        'artifacts, messaging '
                                                        'platform credentials',
                 'sensitivity_of_data': 'High (identity artifacts, '
                                        'credentials, internal IPs, service '
                                        'ports)',
                 'type_of_data_compromised': 'Operational metadata, messaging '
                                             'platform credentials, '
                                             'cryptographic material, runtime '
                                             'caches'},
 'description': 'Security researchers uncovered a widespread exposure of 1,487 '
                'Moltbot instances globally, leaking sensitive operational '
                'metadata and messaging platform credentials through '
                'misconfigured multicast DNS (mDNS) broadcasts. The '
                'open-source framework, designed for autonomous agent '
                'orchestration, inadvertently disclosed system-level details '
                'including hostnames, filesystem paths, service ports, and '
                'identity artifacts to any device on the same network segment.',
 'impact': {'data_compromised': 'Hostnames, filesystem paths, service ports, '
                                'messaging platform credentials (Signal, '
                                'Telegram, WhatsApp), operational logs, '
                                'cryptographic material, runtime caches',
            'identity_theft_risk': 'High (identity artifacts and credentials '
                                   'exposed)',
            'operational_impact': 'Pre-authentication compromise risks, agent '
                                  'identity hijacking, phishing, lateral '
                                  'movement attacks',
            'systems_affected': '1,487 Moltbot instances'},
 'lessons_learned': 'Poor deployment hygiene and overlooked mDNS implications '
                    'can lead to systemic misconfigurations, exposing '
                    'sensitive data without active exploitation. Basic access '
                    'controls and network segmentation are critical.',
 'post_incident_analysis': {'corrective_actions': 'Audit mDNS configurations, '
                                                  'enforce access controls, '
                                                  'segment networks, monitor '
                                                  'service advertisements',
                            'root_causes': 'mDNS misconfigurations, poor '
                                           'deployment hygiene, lack of access '
                                           'controls, open directory listings'},
 'recommendations': 'Implement proper mDNS configuration, enforce access '
                    'controls, segment networks, and audit open directories '
                    'and service advertisements to prevent metadata leaks.',
 'references': [{'source': 'Security Research Report'}],
 'title': 'Moltbot Framework Exposes 1,400+ Instances via mDNS '
          'Misconfigurations',
 'type': 'Misconfiguration',
 'vulnerability_exploited': 'mDNS Misconfiguration'}