A phishing campaign is currently targeting OpenClaw developers on GitHub, a popular platform used by software developers for collaboration and version control.
Giveaway used as bait to trick developers
According to security researchers, attackers impersonated the open-source AI agent OpenClaw on GitHub, offering developers fake CLAW tokens in a giveaway to trick them into connecting their crypto wallets, which were later drained.
The attackers created phony GitHub accounts, tagged developers in community and issue threads, and told them they had been “selected” to receive a reward of roughly $5000 worth of CLAW tokens.
The posts linked to a look-alike of the OpenClaw website with one addition: a prompt asking users to connect their crypto wallet.
Once a wallet was connected, malicious code triggered transactions or approvals that allowed the attackers to drain it.
The phishing page supports major wallets, including MetaMask, WalletConnect, and Trust Wallet, increasing the potential impact, Tel Aviv-based cybersecurity company OX Security stated in a blog post on Wednesday.
Founder rejects links to crypto scams
OpenClaw, formerly known as Moltbook, has recently drawn attention because of controversies and crypto-related scams run under its name.
Peter Steinberger, the founder of OpenClaw, said in an interview that he was about to delete the entire codebase because of crypto. “I didn’t know that they’re not just good at harassment; they are also really good at using scripts and tools.”
Following that, he banned crypto from any discussion on the platform, including Bitcoin in the project’s Discord, after OpenClaw’s old account was hijacked.
The hackers promoted a fake CLAWD token, which briefly hit a $16 million market cap before collapsing; however, Steinberger publicly denied any involvement.