Verify a decision
Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.
How verification works
- We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
- We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
- You compare three values: the database hash, your independently recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is
AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>
Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.
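The three-way comparison described above, as an added example (it is not AVOID.NET's own verify_decision code): it recomputes base58(SHA-256) over the stored string, parses the memo format, and compares the three values. The sample payload, decision id and timestamp are constructed, and the memo text is assumed to have already been read from the Solana transaction.

```python
import hashlib

# Base58 alphabet used by Bitcoin and Solana (no 0, O, I, l).
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58encode(data: bytes) -> str:
    """Base58-encode bytes; each leading zero byte becomes a leading '1'."""
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out

def payload_hash(canonical: str) -> str:
    """base58(SHA-256(UTF-8 bytes)) of the stored string, hashed verbatim.
    Do not json.loads()/dumps() it first: a change in key order or
    whitespace changes the digest."""
    return b58encode(hashlib.sha256(canonical.encode("utf-8")).digest())

def parse_memo(memo: str) -> dict:
    """Split AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso> into its fields."""
    parts = memo.split("|")
    if len(parts) != 5 or parts[:2] != ["AVOID.NET", "v1"]:
        raise ValueError("not an AVOID.NET v1 memo")
    fields = {}
    for expected, part in zip(("h", "d", "t"), parts[2:]):
        # partition() splits on the first ':' only, so the ISO time survives.
        key, sep, value = part.partition(":")
        if key != expected or not sep or not value:
            raise ValueError(f"bad or missing field {expected!r}")
        fields[key] = value
    # A 32-byte digest encodes to between 32 and 44 base58 characters.
    h = fields["h"]
    if not 32 <= len(h) <= 44 or any(c not in B58 for c in h):
        raise ValueError("h: is not a base58 SHA-256 digest")
    return fields

def verify(db_hash: str, canonical: str, memo: str) -> dict:
    """Compare database hash, recomputed hash and on-chain memo hash."""
    recomputed = payload_hash(canonical)
    onchain = parse_memo(memo)["h"]
    checks = {"db_matches": db_hash == recomputed,
              "chain_matches": onchain == recomputed}
    checks["authentic"] = checks["db_matches"] and checks["chain_matches"]
    return checks

# Constructed sample data (not a real AVOID.NET decision or memo).
SAMPLE_CANONICAL = '{"actor":"example","kind":"publish","sequence_num":1,"v":1}'
SAMPLE_DB_HASH = payload_hash(SAMPLE_CANONICAL)  # stands in for the database value
SAMPLE_MEMO = f"AVOID.NET|v1|h:{SAMPLE_DB_HASH}|d:example-id|t:2026-01-01T00:00:00.000Z"

if __name__ == "__main__":
    print(verify(SAMPLE_DB_HASH, SAMPLE_CANONICAL, SAMPLE_MEMO))
    # Changing one word in the stored bytes breaks both comparisons.
    tampered = SAMPLE_CANONICAL.replace("publish", "reject")
    print(verify(SAMPLE_DB_HASH, tampered, SAMPLE_MEMO))
```

When checking a real decision, hash the canonical string exactly as stored: copying it through a page that reflows or re-wraps the text will produce a different digest.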
Decision
publish · OpenClaw GitHub Phishing Campaign
- Sequence: #1
- Score: →
- Cluster: mainnet-beta
- Slot: 426734932
- Off-chain at: 2026-06-15T23:34:25.518Z
- Anchored at: —
- Block time: —
Independent verification
- 1. Database (off-chain): FLHTbyYwQKZZ1ECTmqP96siGWmgJWwx4nuNS2Aw2yX4p
- 2. Recomputed (your browser): computing…
- 3. On-chain (Solana memo): fetching…
Canonical bytes hashed (19208 chars)
{"actor":"system:backfill","investigation_id":"e26d0a1d-d5eb-46da-bf59-22164954161f","kind":"publish","page_slug":"openclaw-github-phishing-campaign","published_at":"2026-06-15T23:34:25.461Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"OpenClaw GitHub Phishing Campaign","sections":[{"content":"A threat actor operating under no publicly attributed identity launched a multi-stage phishing campaign impersonating OpenClaw, an open-source developer tooling project. The campaign exploits GitHub's native issue and discussion notification system: attackers create throwaway GitHub accounts, open issue threads in attacker-controlled repositories, and mass-tag developers who have previously starred or interacted with OpenClaw-related repositories. Each tagged user receives an email or in-platform notification that appears indistinguishable from a legitimate GitHub workflow message. The lure message, quoted in multiple security reports, states: 'Appreciate for your contributions on GitHub. We analyzed profiles and chose developers to get OpenClaw allocation.' Recipients are then promised approximately $5,000 worth of CLAW tokens and directed to a phishing site. OX Security first disclosed the campaign on March 19, 2026. 
The campaign is described as continuing and active as of June 2026.","heading":"Campaign Overview","severity":"critical","sources":[{"credibility":2,"name":"OpenClaw Developers Targeted in Crypto-Wallet Phishing Attack - OX Security","type":"research","url":"https://www.ox.security/blog/openclaw-github-phishing-crypto-wallet-attack/"},{"credibility":2,"name":"OpenClaw GitHub phishing scam uses fake $5,000 token airdrops - CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2026/03/19/openclaw-developers-targeted-in-github-phishing-scam-offering-fake-token-airdrops"},{"credibility":2,"name":"Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam - HackRead","type":"news_article","url":"https://hackread.com/fake-openclaw-token-github-devs-wallet-drainer-scam/"}]},{"content":"The phishing infrastructure relies on two primary domains identified by OX Security researchers. The front-end phishing site is hosted at token-claw[.]xyz, described as an almost identical visual clone of the legitimate OpenClaw website at openclaw.ai, with the critical addition of a 'Connect your wallet' prompt. Links in GitHub posts are obfuscated using Google LinkShare redirect addresses, lending a degree of superficial legitimacy to the URL chain before the user reaches the malicious domain. A second domain, watery-compost[.]today, functions as the campaign's command-and-control (C2) server. Once a victim connects a wallet, the malicious JavaScript file eleven.js executes. This file is described by OX Security researchers as heavily obfuscated. After deobfuscation, researchers identified three C2 commands: PromptTx, Approved, and Declined, which relay wallet address, transaction value, and user name to the C2 server in encoded form. The drainer is capable of triggering unauthorized transactions or token approvals. 
A built-in 'nuke' function is designed to delete all wallet-stealing artifacts from the victim's browser local storage upon completion, frustrating forensic analysis. The threat actor's known Ethereum wallet address is 0x6981E9EA7023a8407E4B08ad97f186A5CBDaFCf5. At the time of initial analysis, this address had sent and received no funds. Supported target wallets include MetaMask, WalletConnect, Trust Wallet, OKX Wallet, and Bybit Wallet.","heading":"Technical Infrastructure and Indicators of Compromise","severity":"critical","sources":[{"credibility":2,"name":"OpenClaw Developers Targeted in Crypto-Wallet Phishing Attack - OX Security","type":"research","url":"https://www.ox.security/blog/openclaw-github-phishing-crypto-wallet-attack/"},{"credibility":2,"name":"GitHub phishers use fake OpenClaw tokens to drain crypto wallets - CSO Online","type":"news_article","url":"https://www.csoonline.com/article/4150456/github-phishers-use-fake-openclaw-tokens-to-drain-crypto-wallets.html"},{"credibility":2,"name":"OpenClaw Developers Lured in GitHub Phishing Campaign - Decrypt","type":"news_article","url":"https://decrypt.co/361646/openclaw-developers-lured-github-phishing-campaign"}]},{"content":"The campaign specifically selects victims by analyzing who has starred or interacted with OpenClaw-related repositories on GitHub. This targeting method means the victim pool skews toward software developers actively working in the open-source ecosystem. Developers frequently maintain institutional or high-value wallets used for protocol operations, multi-sig participation, treasury management, or personal holdings accumulated through legitimate DeFi activity. By exploiting the professional trust developers place in GitHub notification emails, the campaign bypasses many common phishing defenses: victims are reached through a communication channel they use daily for legitimate work, and the lure is thematically plausible given the project's active developer community. 
The use of attacker-controlled repositories to host the malicious issue threads means the posts themselves do not violate any legitimate project's repository, making takedown and detection slower.","heading":"Target Profile and Developer Risk","severity":"high","sources":[{"credibility":2,"name":"Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam - HackRead","type":"news_article","url":"https://hackread.com/fake-openclaw-token-github-devs-wallet-drainer-scam/"},{"credibility":2,"name":"OpenClaw Developers Lured in GitHub Phishing Campaign - Decrypt","type":"news_article","url":"https://decrypt.co/361646/openclaw-developers-lured-github-phishing-campaign"},{"credibility":3,"name":"How the OpenClaw GitHub Phishing Attack Actually Worked - DEV Community","type":"community_report","url":"https://dev.to/cryip/how-the-openclaw-github-phishing-attack-actually-worked-and-how-to-defend-against-it-4i21"}]},{"content":"The March 2026 GitHub phishing campaign is not the first abuse of the OpenClaw name for crypto fraud. In January 2026, scammers exploited a brief window during which OpenClaw founder Peter Steinberger was transitioning social media handles following a trademark notice from Anthropic, which had flagged the original project name 'Clawdbot' as too similar to 'Claude.' During the gap between abandoning old handles and securing new OpenClaw accounts, scammers seized control and used those accounts to promote a fake token designated CLAWD. The CLAWD token allegedly reached a market capitalization of approximately $16 million before collapsing by more than 90%. In February 2026, Steinberger banned all cryptocurrency mentions from the project's Discord server, stating publicly: 'We would never do that' in reference to any token issuance. Steinberger has also been quoted as saying: 'I didn't know that they're not just good at harassment, they are also really good at using scripts and tools.' 
The repeated pattern of brand abuse indicates a sustained threat actor or community of actors targeting the OpenClaw name.","heading":"Prior OpenClaw Brand Abuse: The CLAWD Fake Token Incident","severity":"high","sources":[{"credibility":2,"name":"OpenClaw Creator Warns of Crypto Phishing Wave - CryptoNews","type":"news_article","url":"https://cryptonews.net/news/security/32576436/"},{"credibility":2,"name":"OpenClaw Bans All Crypto Mentions On Discord After $16M Fake Token - Yellow","type":"news_article","url":"https://yellow.com/news/openclaw-bans-all-crypto-mentions-on-discord-after-dollar16m-fake-token-nearly-killed-the-project"},{"credibility":2,"name":"OpenClaw GitHub phishing scam uses fake $5,000 token airdrops - CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2026/03/19/openclaw-developers-targeted-in-github-phishing-scam-offering-fake-token-airdrops"},{"credibility":2,"name":"OpenClaw Bans Crypto Keywords Following Fake Token Scam - KuCoin News","type":"news_article","url":"https://www.kucoin.com/news/flash/openclaw-bans-crypto-keywords-after-fake-token-scam-founder-disavows-crypto-ties"}]},{"content":"As of the initial OX Security disclosure on March 19, 2026, no confirmed theft victims had been identified and the threat actor's known Ethereum wallet (0x6981E9EA7023a8407E4B08ad97f186A5CBDaFCf5) showed a zero balance. Moshe Siman Tov Bustan of OX Security stated: 'During our analysis, we found only one address belonging to the threat actor, which hadn't sent or received any funds yet.' The absence of confirmed victims at that date may reflect the speed with which throwaway GitHub accounts were deleted (reportedly within hours of the campaign's launch), limiting the window of exposure. 
Whether any funds were subsequently drained after the initial research disclosure, or through the campaign's alleged continuation into June 2026, is not confirmed in available sources reviewed for this report.","heading":"Confirmed Victims and Financial Impact","severity":"medium","sources":[{"credibility":2,"name":"OpenClaw Developers Targeted in Crypto-Wallet Phishing Attack - OX Security","type":"research","url":"https://www.ox.security/blog/openclaw-github-phishing-crypto-wallet-attack/"},{"credibility":2,"name":"Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam - HackRead","type":"news_article","url":"https://hackread.com/fake-openclaw-token-github-devs-wallet-drainer-scam/"}]},{"content":"The threat actor or actors behind this campaign have not been publicly attributed to any named group or individual. The operational security profile of the campaign is notable: throwaway GitHub accounts were deleted within hours of the campaign launching, the malicious JavaScript employs heavy obfuscation and a 'nuke' function to wipe browser-side forensic evidence, and the redirect chain uses Google LinkShare to mask the true destination domain. The phishing site token-claw[.]xyz was registered with characteristics typical of short-lived fraud infrastructure. The use of attacker-controlled repositories rather than compromised legitimate repositories makes attribution to a specific GitHub user or organization more difficult. 
No law enforcement actions, GitHub abuse reports, or domain registrar takedowns have been publicly confirmed in sources reviewed for this report.","heading":"Threat Actor Attribution and Operational Security","severity":"high","sources":[{"credibility":2,"name":"OpenClaw Developers Targeted in Crypto-Wallet Phishing Attack - OX Security","type":"research","url":"https://www.ox.security/blog/openclaw-github-phishing-crypto-wallet-attack/"},{"credibility":2,"name":"OpenClaw Developers Lured in GitHub Phishing Campaign - Decrypt","type":"news_article","url":"https://decrypt.co/361646/openclaw-developers-lured-github-phishing-campaign"}]},{"content":"Security researchers and coverage sources identify several defensive measures relevant to this campaign. Domains to block include token-claw[.]xyz (phishing front-end) and watery-compost[.]today (C2 server). Developers should treat any unsolicited GitHub notification offering token compensation with skepticism, regardless of whether the notification arrives via email or the GitHub platform UI. The legitimate OpenClaw project has publicly stated it has no token and will never issue one. Users should verify any claimed token distribution against official project communications at openclaw.ai and the verified GitHub organization. Wallet connection requests on any site reached via a redirect chain (especially through link shorteners or share.google URLs) should be declined pending independent verification of the destination URL. 
Browser extension-based wallet software should be configured to require explicit approval for all transaction and token approval requests.","heading":"Defensive Recommendations","severity":"medium","sources":[{"credibility":2,"name":"GitHub phishers use fake OpenClaw tokens to drain crypto wallets - CSO Online","type":"news_article","url":"https://www.csoonline.com/article/4150456/github-phishers-use-fake-openclaw-tokens-to-drain-crypto-wallets.html"},{"credibility":3,"name":"How the OpenClaw GitHub Phishing Attack Actually Worked - DEV Community","type":"community_report","url":"https://dev.to/cryip/how-the-openclaw-github-phishing-attack-actually-worked-and-how-to-defend-against-it-4i21"},{"credibility":2,"name":"Fake OpenClaw token giveaway on GitHub aims to steal crypto wallets - CyberNews","type":"news_article","url":"https://cybernews.com/ai-news/ai-developers-fake-crypto-prize-phishers-github/"}]}],"sources_used":[{"credibility":2,"name":"OpenClaw Developers Targeted in Crypto-Wallet Phishing Attack - OX Security","type":"research","url":"https://www.ox.security/blog/openclaw-github-phishing-crypto-wallet-attack/"},{"credibility":2,"name":"OpenClaw GitHub phishing scam uses fake $5,000 token airdrops - CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2026/03/19/openclaw-developers-targeted-in-github-phishing-scam-offering-fake-token-airdrops"},{"credibility":2,"name":"OpenClaw Developers Lured in GitHub Phishing Campaign - Decrypt","type":"news_article","url":"https://decrypt.co/361646/openclaw-developers-lured-github-phishing-campaign"},{"credibility":2,"name":"Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam - HackRead","type":"news_article","url":"https://hackread.com/fake-openclaw-token-github-devs-wallet-drainer-scam/"},{"credibility":2,"name":"GitHub phishers use fake OpenClaw tokens to drain crypto wallets - CSO 
Online","type":"news_article","url":"https://www.csoonline.com/article/4150456/github-phishers-use-fake-openclaw-tokens-to-drain-crypto-wallets.html"},{"credibility":2,"name":"Fake OpenClaw token giveaway on GitHub aims to steal crypto wallets - CyberNews","type":"news_article","url":"https://cybernews.com/ai-news/ai-developers-fake-crypto-prize-phishers-github/"},{"credibility":2,"name":"GitHub phishing scam uses OpenClaw branding to lure developers - Crypto.news","type":"news_article","url":"https://crypto.news/github-phishing-scam-uses-openclaw-branding-to-lure-developers-into-wallet-drain-report/"},{"credibility":2,"name":"OpenClaw Devs Targeted in GitHub Phishing Scam Promising $5K Airdrop - CryptoTimes","type":"news_article","url":"https://www.cryptotimes.io/2026/03/19/openclaw-devs-targeted-in-github-phishing-scam-promising-5k-airdrop/"},{"credibility":2,"name":"OpenClaw Creator Warns of Crypto Phishing Wave - CryptoNews","type":"news_article","url":"https://cryptonews.net/news/security/32576436/"},{"credibility":2,"name":"OpenClaw Bans All Crypto Mentions On Discord After $16M Fake Token - Yellow","type":"news_article","url":"https://yellow.com/news/openclaw-bans-all-crypto-mentions-on-discord-after-dollar16m-fake-token-nearly-killed-the-project"},{"credibility":2,"name":"OpenClaw Bans Crypto Keywords Following Fake Token Scam - KuCoin News","type":"news_article","url":"https://www.kucoin.com/news/flash/openclaw-bans-crypto-keywords-after-fake-token-scam-founder-disavows-crypto-ties"},{"credibility":3,"name":"How the OpenClaw GitHub Phishing Attack Actually Worked - DEV Community","type":"community_report","url":"https://dev.to/cryip/how-the-openclaw-github-phishing-attack-actually-worked-and-how-to-defend-against-it-4i21"},{"credibility":2,"name":"Are CLAW Tokens Legit? 
Phishing Attack Hits OpenClaw - CCN","type":"news_article","url":"https://www.ccn.com/education/crypto/claw-tokens-legit-openclaw-phishing-scam-crypto-wallets/"}],"summary":"An active phishing campaign, first disclosed by OX Security in March 2026 and continuing into June 2026, abuses the OpenClaw brand and GitHub's issue notification system to target software developers with fake $5,000 CLAW token giveaways. Victims are directed via Google LinkShare redirect URLs to token-claw[.]xyz, a near-identical clone of openclaw.ai, where a malicious wallet-connect prompt triggers a JavaScript drainer (eleven.js) capable of siphoning funds from MetaMask, Trust Wallet, OKX Wallet, Bybit Wallet, and WalletConnect-compatible wallets. OpenClaw founder Peter Steinberger has publicly stated the project has no token and never will.","timeline":[{"date":"2026-01-01","event":"Scammers exploit a brief gap in OpenClaw's social media account transition (prompted by an Anthropic trademark notice over the name 'Clawdbot') to promote a fake CLAWD token. The token allegedly reaches a market capitalization of approximately $16 million before collapsing by over 90%.","source":"CoinDesk / Yellow.com","source_url":"https://yellow.com/news/openclaw-bans-all-crypto-mentions-on-discord-after-dollar16m-fake-token-nearly-killed-the-project"},{"date":"2026-02-01","event":"OpenClaw founder Peter Steinberger bans all cryptocurrency discussion on the project's Discord server following the CLAWD fake token incident. 
Steinberger publicly disavows any crypto connection and states the project will never issue a token.","source":"KuCoin News / CryptoNews","source_url":"https://www.kucoin.com/news/flash/openclaw-bans-crypto-keywords-after-fake-token-scam-founder-disavows-crypto-ties"},{"date":"2026-03-12","event":"Threat actor creates throwaway GitHub accounts and begins tagging developers who starred OpenClaw-related repositories in fake issue threads, offering $5,000 CLAW token giveaways and directing victims to token-claw[.]xyz via Google LinkShare redirects.","source":"OX Security / CryptoTimes","source_url":"https://www.cryptotimes.io/2026/03/19/openclaw-devs-targeted-in-github-phishing-scam-promising-5k-airdrop/"},{"date":"2026-03-12","event":"Throwaway GitHub accounts used in the phishing campaign are deleted within hours of the campaign's launch, limiting the active exposure window but not eliminating the infrastructure.","source":"OX Security / HackRead","source_url":"https://hackread.com/fake-openclaw-token-github-devs-wallet-drainer-scam/"},{"date":"2026-03-19","event":"OX Security publishes full technical disclosure of the campaign, identifying the phishing domain token-claw[.]xyz, C2 server watery-compost[.]today, malicious JavaScript file eleven.js, threat actor wallet address 0x6981E9EA7023a8407E4B08ad97f186A5CBDaFCf5, and the nuke evasion function. 
No confirmed victims are reported at time of publication.","source":"OX Security","source_url":"https://www.ox.security/blog/openclaw-github-phishing-crypto-wallet-attack/"},{"date":"2026-03-19","event":"CoinDesk, Decrypt, CSO Online, HackRead, CyberNews, and multiple crypto publications pick up the OX Security report, broadening awareness of the campaign among developers.","source":"CoinDesk","source_url":"https://www.coindesk.com/tech/2026/03/19/openclaw-developers-targeted-in-github-phishing-scam-offering-fake-token-airdrops"},{"date":"2026-06-15","event":"Campaign described as active and ongoing as of June 2026, with continued abuse of the OpenClaw brand and GitHub notification system to target developers.","source":"AVOID.NET investigation (context provided by submitter)","source_url":"https://www.avoid.net/openclaw-github-phishing-campaign-june-2026"}]},"v":1}