
OpenClaw GitHub Phishing Campaign

avoid.net/openclaw-github-phishing2/100·88% conf.
[AI-DRAFTED · AWAITING VERIFICATION]
anchored·w3Bsqg…eqqm

Summary

The OpenClaw GitHub Phishing Campaign is a series of coordinated social-engineering attacks, active since at least January 2026, that exploit the brand identity of OpenClaw — a legitimate open-source AI agent framework with over 300,000 GitHub stars — to lure crypto developers into connecting cryptocurrency wallets to a malicious cloned website. The March 2026 wave used fake GitHub accounts to mass-tag developers with promises of a $5,000 CLAW token airdrop, directing them to a wallet-draining site at token-claw[.]xyz backed by obfuscated JavaScript and a command-and-control server. An earlier January 2026 wave involved the hijacking of official OpenClaw social accounts and a fraudulent CLAWD token on Solana that briefly reached a $16 million market cap before collapsing more than 90%.

Connected Entities

1 entity · 10 linked investigations
Organizations
OpenClaw GitHub Phishing Campaign

    Timeline (6 events)

    2026-01-01

    Anthropic issues a trademark claim against Clawdbot (the original name of OpenClaw) over similarity with the 'Claude' brand, prompting founder Peter Steinberger to announce a rebrand.

    Decrypt

    2026-01-01

    During the brief window in which Steinberger released old GitHub and X handles, threat actors seized both accounts and began promoting the fraudulent $CLAWD token on Solana. The token surged to approximately $16 million in market capitalization before collapsing more than 90% after Steinberger publicly disavowed it.

    Decrypt / Yahoo Finance

    2026-02-22

    Following sustained crypto-related harassment, Peter Steinberger imposes a blanket ban on all cryptocurrency discussion in the OpenClaw Discord server, including the words 'bitcoin' and 'crypto'. CoinDesk reports on the policy.

    CoinDesk

    2026-03-11

    Threat actors create fresh GitHub accounts (approximately one week before the March 18 campaign launch) in preparation for the second phishing wave.

    OX Security

    2026-03-18

    OX Security identifies and publicly discloses an active phishing campaign targeting OpenClaw developers via GitHub issue threads, promising $5,000 CLAW token airdrops. Malicious domains token-claw[.]xyz and watery-compost[.]today are identified as key infrastructure. Attacker GitHub accounts are deleted within hours of the campaign beginning.

    OX Security

    2026-03-19

    CoinDesk, Decrypt, CSO Online, CryptoTimes, HackRead, and multiple other outlets report on the OX Security disclosure. Peter Steinberger publicly reiterates that OpenClaw has no association with any token. Community members file GitHub security issue #49836 in the OpenClaw repository.

    CoinDesk

    Provenance & Audit Trail

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    model: claude-code-investigator

    generated: 5/30/2026, 4:47:45 AM

    last updated: 5/30/2026, 4:47:56 AM
