Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
OX Security, a firm focused on cybersecurity, has issued a warning regarding a phishing campaign aimed at developers utilizing the open-source AI agent OpenClaw. The attackers are posing as official communications from the project and are attempting to gain access to users’ cryptocurrency wallets.
Hackers are creating counterfeit developer profiles on GitHub and generating “issues” in controlled repositories—an instrument for discussing bugs, suggestions, and inquiries related to the project.
Subsequently, the perpetrators tag numerous developers, claiming that they have supposedly received 5000 CLAW tokens. Users are directed to a fraudulent website that closely resembles the official OpenClaw site. A critical feature is the “Connect your wallet” button, which initiates the theft of funds.
Related Posts
During their investigation, OX Security experts uncovered malicious code concealed within an encrypted JavaScript file named eleven.js. The malware also includes a function to erase traces of activity from the browser’s local storage, complicating the incident analysis. As a result of the attack, the criminals obtain encrypted information, including wallet addresses and transaction parameters.
OpenClaw’s creator, Peter Steinberger, stated that the project has not issued any tokens. Any claims regarding crypto-assets associated with OpenClaw are fraudulent.
OX Security advises users to block the domains token-claw.xyz and watery-compost.today. Announcements regarding token distributions on GitHub should be regarded as potentially harmful.
This phishing campaign is unfolding amid the rising popularity of OpenClaw. The project has garnered over 324,000 stars on GitHub and has become one of the most popular repositories.
According to the analytics platform Artemis, the volume of new code publications in blockchain projects has decreased by approximately 75% since the beginning of last year—from 850,000 to 210,000 per week. The number of active developers has fallen by 56%—to around 4,600 individuals. Meanwhile, developers are increasingly shifting towards the field of artificial intelligence: the number of development kits based on large language models on GitHub has surged by 178% over the past year.
