{
    "id": 63869,
    "date": "2026-03-19T13:19:33",
    "date_gmt": "2026-03-19T06:19:33",
    "guid": {
        "rendered": "https:\/\/hbbgroup.net\/openclaw-developers-lured-in-github-phishing-campaign-targeting-crypto-wallets\/"
    },
    "modified": "2026-03-19T13:19:33",
    "modified_gmt": "2026-03-19T06:19:33",
    "slug": "openclaw-developers-lured-in-github-phishing-campaign-targeting-crypto-wallets",
    "status": "publish",
    "type": "post",
    "link": "https:\/\/hbbgroup.net\/en_us\/openclaw-developers-lured-in-github-phishing-campaign-targeting-crypto-wallets\/",
    "title": {
        "rendered": "OpenClaw Developers Lured in GitHub Phishing Campaign Targeting Crypto Wallets"
    },
    "content": {
        "rendered": "<div>\n<div>\n<h4 color=\"#333\">In brief<\/h4>\n<ul>\n<li>Attackers used fake GitHub accounts to tag developers, claiming they had won $5,000 in $CLAW tokens and directing them to a cloned OpenClaw site.<\/li>\n<li>OX Security said the phishing page used heavily obfuscated JavaScript and a separate C2 server to drain connected wallets and hide activity.<\/li>\n<li>The accounts were created last week and deleted within hours of launch, with no confirmed victims so far.<\/li>\n<\/ul>\n<\/div>\n<p><span>OpenClaw\u2019s viral rise has drawn an ugly new side effect: crypto scammers are now using the AI agent project\u2019s name to target developers in a phishing campaign aimed at draining their wallets.\u00a0<\/span><\/p>\n<p><span>Security platform OX Security <\/span><a href=\"https:\/\/www.ox.security\/blog\/openclaw-github-phishing-crypto-wallet-attack\/\" target=\"_blank\" rel=\"nofollow external noopener\"><span>published a report<\/span><\/a><span> on Wednesday detailing an active phishing campaign targeting <\/span><a href=\"https:\/\/decrypt.co\/356730\/openclaw-ai-agents-whats-real\" target=\"_blank\"><span>OpenClaw<\/span><\/a><span> in which threat actors create fake GitHub accounts, open issue threads in attacker-controlled repositories, and tag dozens of developers.\u00a0<\/span><\/p>\n<p>The scammer posts GitHub issues telling developers, \u201cAppreciate your contributions on GitHub. We analyzed profiles and chose developers to get OpenClaw allocation,\u201d and claims they have won $5,000 worth of $CLAW tokens, directing them to a fake website that closely resembles openclaw.ai. 
The site includes an added \u201cConnect your wallet\u201d button designed to trigger wallet theft.<\/p>\n<p>OX Security research team lead and a co-author of the report, Moshe Siman Tov Bustan, told <i>Decrypt<\/i> they uncovered evidence the scam attempt bears resemblance to a campaign that &#8220;spread on GitHub, relating to Solana.&#8221;<\/p>\n<p>&#8220;[We&#8217;re still] analyzing the behavior and the relation of these campaigns,&#8221; Bustan added.<\/p>\n<p><span>The phishing campaign surfaced weeks after OpenAI CEO Sam Altman announced OpenClaw creator Peter Steinberger would <\/span><a href=\"https:\/\/decrypt.co\/358141\/openai-openclaw-founder-lead-push-personal-ai-agents\" target=\"_blank\"><span>lead its push into personal AI agents<\/span><\/a><span>, with OpenClaw transitioning to a foundation-run open-source project.\u00a0<\/span><\/p>\n<p><span>That mainstream profile and the framework&#8217;s association with one of the most prominent names in AI make its developer community an increasingly attractive target.<\/span><\/p>\n<p><span>OX Security said it had previously assessed the attackers may be using GitHub&#8217;s star feature to identify users who have starred OpenClaw-related repositories, making the lure appear more targeted and credible.<\/span><\/p>\n<p><span>The platform\u2019s analysis found the wallet-stealing code buried inside a heavily obfuscated JavaScript file called &#8220;eleven.js.&#8221;<\/span><\/p>\n<p>&#8220;According to who that was targeted and the user&#8217;s reports on GitHub,&#8221; the campaign targeted only users who &#8220;starred the OpenClaw GitHub repository,&#8221; Bustan said. 
&#8220;During our analysis, we found only one address belonging to the threat actor, which hadn&#8217;t sent or received any funds yet.&#8221;<\/p>\n<p><span>After deobfuscating the malware, researchers identified a built-in &#8220;nuke&#8221; function that wipes all wallet-stealing data from the browser&#8217;s local storage to frustrate forensic analysis.\u00a0<\/span><\/p>\n<p><span>The malware tracks user actions via commands such as PromptTx, Approved, and Declined, relaying encoded data, including wallet addresses, transaction values, and names, back to a C2 server.<\/span><\/p>\n<p><span>Researchers identified one crypto wallet address they believe belongs to the threat actor, 0x6981E9EA7023a8407E4B08ad97f186A5CBDaFCf5, used to receive stolen funds.\u00a0<\/span><\/p>\n<p><span>The accounts were created last week and deleted within hours of launch, with no confirmed victims so far, according to OX Security.<\/span><\/p>\n<p><i><span>Decrypt<\/span><\/i><span> has reached out to Peter Steinberger for comment.<\/span><\/p>\n<h2 color=\"#333\"><b>OpenClaw&#8217;s crypto magnet problem<\/b><\/h2>\n<p><span>OpenClaw, a self-hosted AI agent framework that lets users run persistent bots connected to messaging apps, email, calendars, and shell commands, <\/span><a href=\"https:\/\/github.com\/openclaw\/openclaw\" target=\"_blank\"><span>hit 323,000 GitHub stars<\/span><\/a><span> following its acquisition by OpenAI last month.\u00a0<\/span><\/p>\n<p><span>That visibility quickly attracted bad actors, with OpenClaw creator Peter Steinberger saying crypto spam flooded OpenClaw\u2019s Discord almost \u201cevery half hour,\u201d forcing bans and <\/span><a href=\"https:\/\/decrypt.co\/358856\/openclaw-creator-bans-bitcoin-crypto-chatter-openai\" target=\"_blank\"><span>ultimately a blanket prohibition<\/span><\/a><span> after what he described to <\/span><i><span>Decrypt<\/span><\/i><span> as \u201cnonstop coin promotion.\u201d<\/span><\/p>\n<p><span>Unlike chat-based 
AI tools, OpenClaw agents persist, wake on a schedule, store memory locally, and execute multi-step tasks autonomously.<\/span><\/p>\n<p><span>OX Security recommends blocking token-claw[.]xyz and watery-compost[.]today across all environments, avoiding connecting crypto wallets to newly surfaced or unverified sites, and treating any GitHub issue promoting token giveaways or airdrops as suspicious, particularly from unknown accounts.\u00a0<\/span><\/p>\n<p><span>Users who recently connected a wallet should revoke approvals immediately, the platform warned.\u00a0<\/span><\/p>\n<p><i>Editor&#8217;s note: Adds comment from OX Security&#8217;s Bustan<\/i><\/p>\n<\/div>",
        "protected": false
    },
    "excerpt": {
        "rendered": "<p>In brief Attackers used fake GitHub accounts to tag developers, claiming they had won $5,000 in $CLAW tokens and directing [&hellip;]<\/p>",
        "protected": false
    },
    "author": 5,
    "featured_media": 63870,
    "comment_status": "open",
    "ping_status": "open",
    "sticky": false,
    "template": "",
    "format": "standard",
    "meta": {
        "_acf_changed": false,
        "footnotes": ""
    },
    "categories": [
        220
    ],
    "tags": [],
    "class_list": [
        "post-63869",
        "post",
        "type-post",
        "status-publish",
        "format-standard",
        "has-post-thumbnail",
        "hentry",
        "category-tien-dien-tu"
    ],
    "acf": [],
    "_links": {
        "self": [
            {
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/posts\/63869",
                "targetHints": {
                    "allow": [
                        "GET"
                    ]
                }
            }
        ],
        "collection": [
            {
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/posts"
            }
        ],
        "about": [
            {
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/types\/post"
            }
        ],
        "author": [
            {
                "embeddable": true,
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/users\/5"
            }
        ],
        "replies": [
            {
                "embeddable": true,
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/comments?post=63869"
            }
        ],
        "version-history": [
            {
                "count": 0,
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/posts\/63869\/revisions"
            }
        ],
        "wp:featuredmedia": [
            {
                "embeddable": true,
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/media\/63870"
            }
        ],
        "wp:attachment": [
            {
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/media?parent=63869"
            }
        ],
        "wp:term": [
            {
                "taxonomy": "category",
                "embeddable": true,
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/categories?post=63869"
            },
            {
                "taxonomy": "post_tag",
                "embeddable": true,
                "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/tags?post=63869"
            }
        ],
        "curies": [
            {
                "name": "wp",
                "href": "https:\/\/api.w.org\/{rel}",
                "templated": true
            }
        ]
    }
}