Crypto scammers are using OpenClaw’s popularity to target developers via a new GitHub phishing campaign designed to drain their crypto wallets.
Summary
- Attackers are impersonating OpenClaw on GitHub, creating fake accounts and tagging developers with messages offering $5,000 in $CLAW tokens.
- Victims are directed to a cloned website where a malicious wallet connection prompt is used to trigger wallet draining.
- OX Security says the campaign uses obfuscated code and targeted tactics, though no confirmed victims have been reported so far.
A report published by platform OX Security detailed an active phishing campaign targeting OpenClaw via a coordinated effort on GitHub, where attackers create fake accounts, open issue threads in attacker-controlled repositories, and tag dozens of developers.
One such post detailed how developers were approached with messages claiming they had been selected for an OpenClaw allocation, telling them they had won $5,000 worth of $CLAW tokens, and subsequently directing them to a fake website that closely resembles openclaw.ai.
On the website, victims are presented with the option of connecting their wallets through a malicious “Connect your wallet” prompt that eventually leads to wallet draining.
The campaign has surfaced as OpenClaw has become a more visible project, especially after OpenAI CEO Sam Altman announced that OpenClaw creator Peter Steinberger would lead its push into personal AI agents. OpenClaw has since transitioned into a foundation-run open source project.
Researchers at OX Security said attackers may be using GitHub’s star feature to identify users who have starred OpenClaw-related repositories, thereby making it appear more targeted and credible.
Scammers were seen using a file named “eleven.js” to embed wallet-stealing code within obfuscated JavaScript. Once triggered, scammers used a built-in “nuke” function that wipes traces from the browser’s local storage to avoid detection and continue tracking activity.
The malware tracks user actions via commands such as PromptTx, Approved, and Declined, sending encoded data, including wallet addresses and transaction values, to a command and control server.
Researchers have identified at least one wallet address believed to be linked to the attackers that was used to receive stolen funds. So far, there has been no confirmation of victims.
OX Security has urged users to block token-claw[.]xyz and watery-compost[.]today, and avoid connecting crypto wallets to newly surfaced or unverified sites.
In the meantime, OpenClaw creator Peter Steinberger has enforced a strict anti-crypto policy. Any mention of cryptocurrencies across the project’s Discord server can lead to removal.
The decision stems from a scam that surfaced during its rebrand, where attackers promoted a Solana-based token called $CLAWD that surged to approximately $16 million in market capitalization before falling over 90% after Steinberger denied any involvement.
