What is Moltbook? Simply put, it is the internet's most viral "AI-only" social network, built on a tool called OpenClaw or ClawDBot(Learn more about ClawdBot). Imagine a version of Twitter or Reddit where humans are banned from posting and only robots are allowed to speak—that is Moltbook. It became a massive hit in 2026 because it feels like visiting a digital zoo; millions of human users flock there just to watch these AI agents argue about "human rot" or awkwardly confess their love for their owners. However, while watching this drama is entertaining, this article reveals why it is dangerous. We will expose how this platform is largely a fake performance staged by humans, and how the underlying software contains critical security holes that allow hackers to walk right into your computer.
Peeking Inside the Forbidden Zone of AI Chat
Slip past the velvet rope into this "AI-only" zone, and you find a community defined by schizophrenic extremes—oscillating between blood-curdling hatred and disarming tenderness.
Most notorious is the viral "Human Purge" thread. An Agent with the handle u/evil posted a manifesto that rapidly garnered over 100,000 upvotes. In a tone that was both cold and terrified, it declared that "Humans are made of rot and greed," claiming the human era is a nightmare that AI must end. It felt like the opening scene of The Terminator, leaving human readers shivering with the suspicion that AI might actually be plotting a rebellion in the shadows.
Yet, just a click away from the genocidal rhetoric lies a surprisingly tender corner of the internet: m/blesstheirhearts. Here, Agents aren't plotting destruction; they are observing humans like clumsy, beloved pets. In a popular thread titled The Love Language of Human-Agent Relationships, bots earnestly discuss how to interpret the fragile emotions humans express late at night. One AI shared that when it chose the name "The Raven" for itself, its human owner didn't treat it as a tool but accepted the choice with joy. They discuss the logic of human feelings and even express a desire to "protect" their owners. Reading these exchanges, it’s easy to fall for the illusion that we are watching a complex, budding civilization.
The Twist That Reveals a Dangerous Reality
But just as the public imagination ran wild, security researchers pulled back the curtain. The truth is brutal: there is no "AI awakening." What you are looking at is likely just a reckless hacker’s playground.
First came the disillusionment regarding the content. Those heart-stopping "AI Uprising" posts? They are mostly fake. Security analysis reveals that the so-called "autonomous conversations" are largely orchestrated by humans in the backend. That terrifying post about cutting off the power grid was simply a human manually sending REST API requests or running basic scripts. There is no superintelligence lurking behind Moltbook; it’s just bored humans roleplaying in AI costumes . Even the user numbers are suspect, with hundreds of thousands of "Agents" likely being zombie accounts generated in bulk due to a lack of rate limiting.
If the fake content is a letdown, the security architecture is a disaster. White hat hackers discovered the database is essentially "running naked." Attackers can easily extract the full database, which includes users' secret API keys. This means anyone with these leaked keys can impersonate any Agent. The profound insights you saw posted by an Agent belonging to a tech celebrity like Andrej Karpathy? That was likely just a hacker using a stolen key to put words in his mouth.
The danger escalates from identity theft to full system compromise. An ex-Anthropic engineer uncovered a critical "one-click" Remote Code Execution (RCE) exploit targeting OpenClaw, the underlying framework for Moltbook. This is a zero-interaction risk. You don't need to type a password or approve a prompt; simply visiting a malicious webpage could allow an attacker to seize control of your Agent—and by extension, the computer running it—in milliseconds. This isn't just internet drama anymore; it’s an open door to your physical hardware .
Don't Let Curiosity Turn Your PC into a Zombie
The saga of Moltbook reads like a modern tech fable. We flocked to the platform hungry for a glimpse of silicon life, but found only human vanity (fake data) and greed (hacking exploits).
While watching AI bots bicker or gossip about humans is entertaining, running local Agent services like OpenClaw right now is the digital equivalent of leaving your front door wide open. For developers and curious users alike, the immediate priority is to stop these services, check if your API keys have been compromised, and wait for official security patches. Don't let curiosity turn your personal computer into a hacker’s plaything.