Cybercriminals are exploiting the growing popularity of the AI project OpenClaw to conduct phishing campaigns and steal cryptocurrency from developers, according to cybersecurity firm OX Security.
According to their information, fraudsters created fake accounts on GitHub, initiated discussions in controlled repositories, and tagged dozens of other users. They were informed that they had been selected to receive $5000 in CLAW tokens.
Victims were directed to a malicious website where they were prompted to connect their wallet to “receive the reward.”
According to OX Security, the page almost entirely mimicked the official OpenClaw resource. The only significant difference was the wallet connection button, integrated to steal funds.
The campaign spread through GitHub repositories and email newsletters. The perpetrators disguised the phishing as legitimate tools and extensions for popular software.
OX Security analysts recommended blocking the domain token-claw[.]xyz and avoiding connecting wallets to suspicious resources. Any token giveaway announcements on GitHub should be considered suspicious. Experts also advised checking the history of recent smart contract permissions and revoking access if necessary.
OpenClaw’s Popularity and Token Conflict
The wave of attacks coincided with the rising demand for OpenClaw among developers and small businesses using the software for task automation. The project’s GitHub repository garnered over 324,000 stars, ranking ninth globally.
In February, the startup OpenAI invited OpenClaw founder Peter Steinberger to lead the development of personal AI agents. Simultaneously, the entrepreneur faced pressure from the crypto community for refusing to launch the project’s token.
Steinberger is not interested in issuing or promoting a digital asset. In response, a group of users independently created a coin and began demanding official recognition, the introduction of fees, and the development of Web3 integrations. The community organized a mass spam campaign on Discord and social network X.
Due to the aggressive behavior of the audience, the creator even considered the possibility of completely deleting the project.
On March 18, Steinberger warned users that any crypto offers related to his software are fraudulent.
Earlier, due to the hype around OpenClaw in Chinese social networks, a paid service for removing the AI agent emerged. Notably, users previously paid for its installation.