A phishing campaign is targeting developers associated with OpenClaw, the AI agent framework recently acquired by OpenAI, according to a report published Wednesday by security platform OX Security. Attackers create fake GitHub accounts, open issue threads, and tag developers with false claims that they have won $5,000 worth of $CLAW tokens.
Victims are directed to a counterfeit site mimicking openclaw.ai, where a wallet-connection prompt triggers theft. Researchers found the malicious code hidden inside an obfuscated JavaScript file and identified a built-in function that erases wallet-stealing data from browser storage to hinder forensic investigation.
OX Security researcher Moshe Siman Tov Bustan said the campaign appears to target users who starred OpenClaw-related repositories. The fake accounts were created and deleted within hours, and no confirmed victims have been reported. The platform advises users to revoke any recent wallet approvals and treat GitHub issues promoting token giveaways as suspicious.
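The advice to treat giveaway issues as suspicious can be turned into an automated triage check for maintainers. The sketch below is an added example, not code from OX Security or OpenClaw; the signal patterns, thresholds, sample issue bodies and the `.example` hostnames are all constructed assumptions.

```python
import re
from difflib import SequenceMatcher
from urllib.parse import urlparse

LEGIT_DOMAIN = "openclaw.ai"  # the genuine site named in the report
BRAND = LEGIT_DOMAIN.split(".")[0]

# Lure signals drawn from the campaign description (patterns are assumptions).
LURES = [re.compile(p, re.I) for p in (
    r"\$\d[\d,]*",                 # cash amount such as "$5,000"
    r"\$[A-Za-z]{2,10}\b",         # token ticker such as "$CLAW"
    r"\byou (have )?won\b|\bairdrop\b|\bgiveaway\b",
    r"\bconnect (your )?wallet\b|\bclaim\b",
)]
URL = re.compile(r"https?://[^\s)>\]]+", re.I)
MENTION = re.compile(r"(?<![\w/])@[A-Za-z0-9-]+")

def is_lookalike(host):
    """True if host imitates the brand without being the real domain."""
    host = host.lower().rstrip(".")
    if host == LEGIT_DOMAIN or host.endswith("." + LEGIT_DOMAIN):
        return False
    if BRAND in re.sub(r"[^a-z0-9]", "", host):   # e.g. open-claw, openclaw-x
        return True
    # Near-miss spellings of the brand in any label (0penclaw, openc1aw).
    return any(SequenceMatcher(None, BRAND, label).ratio() >= 0.8
               for label in host.split("."))

def score_issue(body):
    """Return the list of reasons an issue body looks like this lure."""
    reasons = []
    if sum(1 for p in LURES if p.search(body)) >= 2:
        reasons.append("giveaway wording")
    if len(set(MENTION.findall(body))) >= 3:
        reasons.append("mass mention")
    hosts = {urlparse(u).hostname or "" for u in URL.findall(body)}
    bad = sorted(h for h in hosts if is_lookalike(h))
    if bad:
        reasons.append("lookalike domain: " + ", ".join(bad))
    return reasons

# Constructed sample issue bodies, for illustration only.
SAMPLE_LURE = ("Congrats @dev-one @dev-two @dev-three! You have won $5,000 "
               "worth of $CLAW tokens. Claim at https://openclaw-rewards.example/claim")
SAMPLE_BENIGN = ("Build fails on main after the last merge, see "
                 "https://openclaw.ai/docs/install. cc @maintainer")

if __name__ == "__main__":
    for name, body in (("lure", SAMPLE_LURE), ("benign", SAMPLE_BENIGN)):
        print(name, score_issue(body))
```

An issue that returns two or more reasons is a good candidate for locking and reporting before tagged users follow the link.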
Originally reported by Decrypt.