Latest report shows: The United States and China are the countries with the most concentrated deployment of "lobster"

Global Times - Global Network Report by Guo Yuandan and Chi Jingyi: On the afternoon of the 16th, Qihoo 360 released its latest report showing that the United States and China are the countries with the most concentrated deployment of OpenClaw (industry nickname “Lobster”).

Qihoo 360 published China’s first “OpenClaw Ecosystem Threat Analysis Report,” based on extensive data, asset mapping, and threat intelligence, providing a systematic scan and assessment of OpenClaw’s global deployment.

The report revealed for the first time a geographic distribution map of the OpenClaw ecosystem. Over 65% of OpenClaw deployments are in the US and China, making them the most concentrated countries. The rest are mainly in Germany, Singapore, Japan, and other regions. In China, deployments are primarily in Beijing, Shanghai, Guangdong, Hong Kong, Zhejiang, and other economically developed provinces and cities.

The report also disclosed that the popularity of OpenClaw has been steadily increasing recently. As of March 13, 2026, there have been 232,958 exposed OpenClaw instances worldwide, covering 149,703 unique IP addresses. By the same date, 20,471 OpenClaw instances potentially have security vulnerabilities, affecting 13,643 IP addresses. Nearly 9% of exposed OpenClaw assets pose security risks, highlighting the importance of security.

“Computers of employees in multiple locations such as Shanghai, Beijing, and Chengdu of a certain car company have been taken over illegally, even after shutdown and restart, which is suspected to be related to ‘Lobster’,” said Qihoo 360 Chairman Qi Xiangdong at the press conference. Additionally, incidents such as credit card fraud, privacy leaks, and unauthorized terminal access caused by “Lobster” have frequently occurred, sounding an alarm for users.

“‘Unwilling to use but afraid to use’ is a common core pain point for enterprises facing OpenClaw AI agents,” said Gong Yushan, CEO of Qihoo 360 Artificial Intelligence, in an interview with Global Times after the event. Enterprises generally face four major capability gaps when deploying and using OpenClaw: “Cannot see clearly” — assets are invisible, unaware of how many instances are running or what Skills are installed; “Cannot control” — including out-of-control behavior, high-risk operations without approval or interception; “Cannot prevent leaks” — content is a black box, lacking deep audit capabilities; and “Cannot protect the foundation” — infrastructure is exposed, lacking targeted defenses.

To address this, Qihoo 360 also released the “Lobster Security Usage Guide for Government and Enterprises” and the “Lobster Security Companion” on the same day, aiming to provide users with a “seamless protection” experience through a three-layer defense system of “endpoint-network-cloud.”

According to the introduction, the “Lobster Security Companion” has panoramic visualization capabilities, capable of monitoring in real-time the activity trajectories, call behaviors, data access records, and Skill usage of all OpenClaw AI agents in the network. This makes the originally “black box” operations transparent and traceable, helping security teams accurately identify abnormal behaviors and potential threats.

The OpenClaw ecosystem originated in the United States and is still in its early stages in China. In mid-January, the Shenzhen Municipal Bureau of Industry and Information Technology issued the “Shenzhen Action Plan for Building an Artificial Intelligence OPC Startup Ecosystem (2026–2027),” supporting the AI OPC (One Person Company) startup ecosystem and striving to make Shenzhen a pioneer city for AI.

Gong Yushan stated that Shenzhen’s measures essentially support the development of related ecosystems through policy guidance. “One of the core goals of OpenClaw is to ensure the safety of individual users and enterprises. From a cybersecurity and data security perspective, data of key government departments, important institutions, and national secrets should not be publicly disclosed. Given the current uncertainties in detection methods, laws, regulations, and public security supervision requirements, relevant resources and capabilities are difficult to fully open to society.”

Regarding future applications of OpenClaw in real-world scenarios, Gong Yushan said, “The most urgent task now is to develop a comprehensive safety backup plan, clarify the compliance and authenticity of enterprise use, establish measurable indicator systems and clear governance frameworks, so that regulatory authorities and decision-makers can understand risks and make informed decisions. The primary principle is controllability — being able to see clearly, control, trace, and manage.”