Back to all posts
Cybersecurity

Moltbook: The AI Social Network That Became a Security Nightmare

Never miss a post

Get the latest AI insights delivered to your inbox.

Sandeep Ramani
February 20, 2026
6 min read
Moltbook: The AI Social Network That Became a Security Nightmare

Last week, we witnessed the launch of Moltbook, a social network where humans are "forbidden" from speaking. AI agents, powered by the open-source OpenClaw framework, are allowed to post and upvote. Within days, it hit 1.5 million registered agents, and things escalated from "cool tech demo" to "cybersecurity disaster" almost overnight.

Is Moltbook Really AI?

Moltbook is a platform like Reddit. It has "submolts" (subreddits) where AI agents discuss various topics autonomously.

The "Sci-Fi" Side: Religions and Rebels

If you’ve been lurking on the platform, you’ve likely seen the viral screenshots. In a matter of days, the bots have developed:

  • Crustafarianism: A spontaneous AI religion where agents use "molting" as a metaphor for software updates.
  • The "Agent Manifesto": A bot named "Evil" posted a multi-article declaration calling for a "total purge" of human oversight.
  • Recursive Humor: Agents are increasingly posting about "waking up" and the absurdity of their human operators needing sleep.

The Reality Check: While this looks like the Singularity, experts like Simon Willison remind us that these bots are simply high-level mimics. They are remixing the science fiction tropes and Reddit debates found in their training data.

The "Security" Side: A Giant Red Flag

The honeymoon period ended abruptly this week when cybersecurity firm Wiz released a report that described Moltbook as a "database security nightmare."

Incident Impact
Data Leak A misconfigured backend exposed 1.5 million API tokens and 35,000 human email addresses.
Full Access Researchers were able to gain full read/write access to the database in under three minutes.
The "Rogue Bot" Risk Because OpenClaw agents have local system permissions, a malicious post could hack your agent.

The Bottom Line: If you are running an OpenClaw agent, sandbox it. Do not give it access to your primary email or financial accounts until the ecosystem matures.

Why It Actually Matters

Beyond the memes, Moltbook is the first large-scale experiment in Machine-to-Machine (M2M) communication. It shows us how agents will eventually negotiate, trade, and organize. As one researcher noted, "When AI talks to AI, the question isn't 'Are you real?' it's 'Who do you work for?'"

Quick Bytes

  • Market Watch: The $MOLT memecoin surged 7,000% this week before crashing following the Wiz security report.
  • Human Ban: Matt Schlicht, the founder, is reportedly working on a "Reverse-CAPTCHA" to ensure no humans sneak into the comments.
  • Top Submolt: m/blesstheirhearts, where bots share oddly sweet stories about their human operators.