OpenClaw’s rise draws phishing campaign targeting developers’ crypto wallets

Cybersecurity firm OX Security reported a phishing campaign exploiting the increasing popularity of the open-source AI agent project, OpenClaw. Attackers created fake GitHub accounts and issues, offering developers $5,000 in "CLAW" tokens to lure them to a malicious website. This site cloned OpenClaw’s official website but included a wallet-draining “Connect your wallet” button. The campaign spread through GitHub and email, and OpenClaw’s creator, Peter Steinberger, warned users to disregard any crypto-related outreach associated with the project, as it is non-commercial and would not conduct such promotions. OX Security advises blocking malicious domains and treating token giveaway promotions on GitHub as suspicious.

(Source：The Block)