GitHub phishing scam uses OpenClaw branding to lure developers into wallet drain: report
Crypto scammers are using the popularity of OpenClaw to target developers via a new phishing campaign on GitHub designed to drain their cryptocurrency wallets.

Summary

  • Attackers impersonate OpenClaw on GitHub, creating fake accounts and tagging developers with messages offering $5,000 in CLAW tokens.
  • Victims are directed to a clone website where a malicious wallet connection prompt is used to trigger wallet drain.
  • OX Security says the campaign uses obfuscated code and targeted tactics, though no confirmed victims have been reported yet.

A report published by the OX Security platform details a phishing campaign targeting OpenClaw users through a coordinated effort on GitHub: attackers create fake accounts, open threads in attacker-controlled repositories, and tag dozens of developers.

One such post describes how developers were approached with messages claiming they had been selected by OpenClaw, telling them they had won $5,000 worth of CLAW tokens, and then directing them to a fake website that closely resembled openclaw.ai.

On the website, victims are prompted to link their wallets through a malicious "Connect your wallet" dialog; approving the resulting transaction leads to the wallet being drained.

The campaign emerged as OpenClaw became a more visible project, especially after OpenAI CEO Sam Altman announced that OpenClaw creator Peter Steinberger would lead the push toward personal AI agents. OpenClaw has since transitioned into an open source project managed by a foundation.

Researchers at OX Security said attackers may be using GitHub's star feature to identify users who have starred repositories linked to OpenClaw, which lets the messages appear targeted and credible.

Scammers were seen using a file called "eleven.js" to embed wallet-stealing code inside obfuscated JavaScript. Once a session is underway, the script calls a built-in "nuke" function that clears traces from the browser's local storage to avoid detection while it continues tracking the victim's activity.

The malware tracks user actions via commands such as PromptTx, Approved, and Declined, sending encrypted data, including wallet addresses and transaction values, to a command and control server.

Researchers identified at least one wallet address believed to be associated with the attackers that was used to receive stolen funds. No victims have been confirmed so far.

OX Security urged users to block token-claw(.)xyz and watery-compost(.)today, and to avoid connecting cryptocurrency wallets to newly registered or unverified sites.
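Acting on that advice means turning the report's defanged indicators back into real hostnames and checking them against what actually left the network. The script below is an added example written for this article, not code from OX Security or the OpenClaw project: it refangs the two published domains, then scans a constructed proxy log (the log lines, client addresses and URLs are made up for illustration) for requests to those hosts or any of their subdomains, while ignoring look-alike names that merely contain the string.

```python
import re
from urllib.parse import urlparse

# Defanged indicators as published in the report; "(.)" stands for "."
DEFANGED_IOCS = ["token-claw(.)xyz", "watery-compost(.)today"]


def refang(indicator: str) -> str:
    """Turn a defanged indicator such as 'token-claw(.)xyz' back into a hostname."""
    s = indicator.strip().lower()
    s = s.replace("(.)", ".").replace("[.]", ".").replace("{.}", ".")
    s = re.sub(r"^hxxps?://", "", s)  # drop a defanged scheme if one is present
    return s.rstrip(".")


BLOCKLIST = {refang(i) for i in DEFANGED_IOCS}


def hostname_of(target: str) -> str:
    """Extract a bare, lower-cased hostname from a URL or host:port string."""
    t = target.strip().lower()
    if "://" not in t:
        t = "//" + t  # lets urlparse treat a bare host:port as the netloc
    return (urlparse(t).hostname or "").rstrip(".")


def is_blocked(target: str, blocklist=BLOCKLIST) -> bool:
    """True if the hostname is a blocked domain or a subdomain of one.

    Matching on the label boundary ('.' + domain) avoids flagging
    unrelated names that merely end in the same characters.
    """
    host = hostname_of(target)
    if not host:
        return False
    return any(host == bad or host.endswith("." + bad) for bad in blocklist)


# Constructed sample proxy log (not real traffic): "<timestamp> <client> <method> <url>"
SAMPLE_PROXY_LOG = """\
2024-01-01T10:00:01Z 10.0.0.5 GET https://github.com/example/repo
2024-01-01T10:00:07Z 10.0.0.5 GET https://token-claw.xyz/claim?ref=gh
2024-01-01T10:00:09Z 10.0.0.5 POST https://api.watery-compost.today/tx
2024-01-01T10:00:12Z 10.0.0.9 GET https://nottoken-claw.xyz/
2024-01-01T10:00:15Z 10.0.0.9 GET https://openclaw.ai/
"""


def find_hits(log_text: str):
    """Return (client, url) pairs for every request to a blocked host."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # skip malformed or truncated lines
        client, url = parts[1], parts[3]
        if is_blocked(url):
            hits.append((client, url))
    return hits


if __name__ == "__main__":
    for client, url in find_hits(SAMPLE_PROXY_LOG):
        print(f"BLOCKED-DOMAIN HIT client={client} url={url}")
```

The same `is_blocked` check can be wired into a DNS resolver log or an egress proxy policy; the point of the subdomain-aware suffix match is that a drainer kit typically serves its script and its exfiltration endpoint from hosts under the phishing domain rather than from the apex itself.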

Meanwhile, OpenClaw creator Peter Steinberger has enforced a strict anti-crypto policy: any mention of cryptocurrencies on the project's Discord server can result in removal.

The decision stems from a scam that emerged during its rebranding, in which attackers promoted a Solana-based token called $CLAWD that rose to nearly $16 million in market cap before falling more than 90% after Steinberger denied any involvement.
