Builders of OpenClaw, a well-liked open-source AI undertaking, are being focused by phishing assaults on GitHub with faux token rewards designed to lure customers into connecting crypto wallets.
Cybersecurity agency OX Safety reported the rip-off on Wednesday and mentioned it had discovered no victims to this point. OpenClaw creator Peter Steinberger individually warned on X that any emails claiming affiliation with the undertaking are scams, urging customers to solely go to the official website. “We’d by no means try this. The undertaking is open supply and non-commercial,” Steinberger mentioned.
In line with OX Safety, attackers created faux GitHub accounts that posted messages in repositories they managed, tagging builders to extend visibility. The posts claimed that recipients had gained $5,000 value of “CLAW,” a non-existent cryptocurrency falsely related to the undertaking, in an try to trick recipients into visiting a cloned web site.
The marketing campaign directed customers to a cloned web site resembling OpenClaw’s official web page and prompted them to attach crypto wallets, a typical phishing tactic used to steal credentials or safe malicious approvals.
Social media stories counsel that builders had been conscious of the fraud, with many labeling the marketing campaign as a rip-off instantly.
OpenClaw creator warned customers undertaking would by no means launch a token
The assault comes months after the OpenClaw creator warned customers that the undertaking would by no means launch a cryptocurrency, and that any token claiming affiliation with him was fraudulent.
“I’ll by no means do a coin. Any undertaking that lists me as coin proprietor is a rip-off,” Steinberger mentioned in an X submit in January.
The phishing marketing campaign marks one other try by attackers to capitalize on OpenClaw’s viral recognition.
Launched in November 2025, OpenClaw gives a free, open-source autonomous AI agent that runs regionally on computer systems to handle recordsdata, software program and browser duties by way of chat platforms like WhatsApp or Telegram.
Associated: Crypto hacks fall to $49M in February as attackers shift to phishing scams
The platform obtained excessive GitHub engagement and lively social communities, amassing greater than 465,000 subscribers on X within the months following its launch.
In a transfer to struggle scams, the OpenClaw undertaking additionally confirmed a ban on Bitcoin (BTC) and crypto discussions in its official Discord channel in February.
Journal: 6 huge challenges Bitcoin faces on the street to quantum safety
