Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign on GitHub, according to a report by OX Security.
The campaign centres on fake reward claims tied to $CLAW tokens and aims to trick users into connecting their crypto wallets to malicious websites.
The activity has emerged as OpenClaw gains traction following leadership changes and its transition into a foundation-run open source project.
Researchers say attackers are leveraging developer activity on GitHub to make the scheme appear credible and personalised.
GitHub targeting tactics
The phishing operation is being carried out through attacker-controlled GitHub repositories.
Malicious actors create fake accounts, open issue threads, and tag large numbers of developers to maximise visibility.
In one example highlighted by researchers, developers were told they had been selected for an OpenClaw allocation.
The message claimed recipients had won $5,000 worth of $CLAW tokens and directed them to a website designed to closely mimic openclaw.ai.
The attackers are believed to be identifying targets by analysing GitHub’s star feature.
By focusing on users who have starred repositories linked to OpenClaw, the messages appear more relevant and convincing.
Wallet drain mechanism
Once users land on the fake site, they are prompted to connect their crypto wallets through a “Connect your wallet” feature.
This step activates malicious scripts that enable attackers to drain funds.
OX Security reported that the phishing pages include obfuscated JavaScript designed to hide wallet-stealing functions.
A file named eleven.js has been identified as a key component of the attack.
The malware includes a built-in “nuke” function, which clears traces from the browser’s local storage after execution.
This helps attackers avoid detection while continuing to monitor user activity.
Data tracking and exfiltration
The malicious code tracks user behaviour through a series of commands such as PromptTx, Approved, and Declined.
These commands allow attackers to monitor interactions in real time.
Encoded data, including wallet addresses and transaction values, is sent to a command and control server.
Researchers said at least one wallet address linked to the campaign has already been identified as a destination for stolen funds.
There has been no confirmed number of victims so far. However, the infrastructure and targeting methods suggest the campaign is actively seeking new users.
OpenClaw distancing from crypto
The phishing campaign coincides with growing attention around OpenClaw.
The project gained visibility after OpenAI CEO Sam Altman announced that creator Peter Steinberger would lead its push into personal AI agents.
Despite the crypto-themed scam, Steinberger has taken a strict stance against cryptocurrencies within the OpenClaw ecosystem.
Any mention of crypto assets on the project’s Discord server can result in removal.
This policy follows an earlier incident during OpenClaw’s rebrand.
At that time, scammers promoted a Solana-based token called $CLAWD, which reached a market capitalisation of about $16 million before dropping more than 90% after Steinberger denied any connection.
OX Security has advised users to block domains such as token-claw[.]xyz and watery-compost[.]today and to avoid connecting wallets to newly discovered or unverified platforms.
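The blocking advice and the issue-thread pattern described above can be combined into a triage check for GitHub issue or notification text. This is an added example, not code from OX Security or OpenClaw; the mention threshold, the lure phrases and the sample text are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Domains named in the OX Security advice above, stored refanged for matching.
BLOCKED = {"token-claw.xyz", "watery-compost.today"}
OFFICIAL = "openclaw.ai"
MENTION_THRESHOLD = 10  # assumption: what counts as mass tagging; tune locally

URL_RE = re.compile(r"https?://[^\s<>()\[\]\"']+", re.I)
MENTION_RE = re.compile(r"(?<![\w/])@([A-Za-z0-9][A-Za-z0-9-]{0,38})")
LURE_RE = re.compile(r"\$CLAW\b|connect your wallet|allocation", re.I)

def refang(text):
    """Undo common defanging so defanged and live links are treated alike."""
    text = text.replace("[.]", ".").replace("(.)", ".")
    return re.sub(r"hxxp", "http", text, flags=re.I)

def hosts(text):
    """Return the lower-cased hostnames of every URL found in the text."""
    out = set()
    for url in URL_RE.findall(refang(text)):
        host = (urlsplit(url.rstrip(".,;:!?")).hostname or "").rstrip(".").lower()
        if host:
            out.add(host)
    return out

def in_domain(host, domain):
    """True for the domain itself or any subdomain, not for suffix lookalikes."""
    return host == domain or host.endswith("." + domain)

def triage(issue_body):
    """Return the reasons an issue body matches the campaign pattern."""
    found = hosts(issue_body)
    reasons = []
    blocked = sorted(h for h in found if any(in_domain(h, d) for d in BLOCKED))
    if blocked:
        reasons.append("blocked-domain:" + ",".join(blocked))
    mentions = {m.lower() for m in MENTION_RE.findall(issue_body)}
    if len(mentions) >= MENTION_THRESHOLD:
        reasons.append(f"mass-mention:{len(mentions)}")
    if LURE_RE.search(issue_body) and any(not in_domain(h, OFFICIAL) for h in found):
        reasons.append("token-lure-offsite-link")
    return reasons

# Constructed sample issue body, not a captured message.
SAMPLE = (
    "You were selected for an OpenClaw allocation of $CLAW. "
    "Claim: hxxps://token-claw[.]xyz/claim " + " ".join(f"@dev{i}" for i in range(12))
)
```

Calling `triage(SAMPLE)` returns all three reasons; a non-empty result is a cue to report the issue and avoid the link, not proof of compromise.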
The post Hackers exploit OpenClaw hype on GitHub to steal crypto funds appeared first on Invezz