In brief
- Attackers used fake GitHub accounts to tag developers, claiming they had won $5,000 in $CLAW tokens and directing them to a cloned OpenClaw site.
- OX Security said the phishing page used heavily obfuscated JavaScript and a separate C2 server to drain connected wallets and hide activity.
- The accounts were created last week and deleted within hours of launch, with no confirmed victims so far.
OpenClaw’s viral rise has drawn an ugly new side effect: crypto scammers are now using the AI agent project’s name to target developers in a phishing campaign aimed at draining their wallets.
Security platform OX Security published a report on Wednesday detailing an active phishing campaign targeting OpenClaw in which threat actors…
