OpenClaw devs targeted by phishing scam promising free ‘CLAW’ tokens

19 Mar 2026Stuart Fy

A phishing campaign used fake GitHub posts and a bogus “CLAW” token to lure OpenClaw developers into connecting crypto wallets.

Developers of OpenClaw, a popular open-source AI project, are being targeted by phishing attacks on GitHub with fake token rewards designed to lure users into connecting crypto wallets.

Cybersecurity firm OX Security reported the scam on Wednesday and said it had found no victims so far. OpenClaw creator Peter Steinberger separately warned on X that any emails claiming association with the project are scams, urging users to only visit the official site. “We would never do that. The project is open source and non-commercial,” Steinberger said.

According to OX Security, attackers created fake GitHub accounts that posted messages in repositories they controlled, tagging developers to increase visibility. The posts claimed that recipients had won $5,000 worth of “CLAW,” a non-existent cryptocurrency falsely associated with the project, in an attempt to trick recipients into visiting a cloned website.

The campaign directed users to a cloned website resembling OpenClaw’s official page and prompted them to connect crypto wallets, a common phishing tactic used to steal credentials or secure malicious approvals.

Source: Hacker News

Social media reports suggest that developers were aware of the fraud, with many labeling the campaign as a scam immediately.

OpenClaw creator warned users project would never launch a token

The attack comes months after the OpenClaw creator warned users that the project would never launch a cryptocurrency, and that any token claiming association with him was fraudulent.

“I will never do a coin. Any project that lists me as coin owner is a scam,” Steinberger said in an X post in January.

Source: Peter Steinberger

The phishing campaign marks another attempt by attackers to capitalize on OpenClaw’s viral popularity.

Launched in November 2025, OpenClaw offers a free, open-source autonomous AI agent that runs locally on computers to manage files, software and browser tasks via chat platforms like WhatsApp or Telegram.

Related: Crypto hacks fall to $49M in February as attackers shift to phishing scams

The platform received high GitHub engagement and active social communities, amassing more than 465,000 subscribers on X in the months following its launch.

In a move to fight scams, the OpenClaw project also confirmed a ban on Bitcoin 

BTC$70,361

 and crypto discussions in its official Discord channel in February.



Reprint:  Publisher:  
Source: cointelegraph Author:  Stuart Fy
Statement:  The views expressed are those of the author and do not necessarily reflect those of BcTime. BcTime is an information publishing platform that only provides information storage space services. If the article involves infringement, please send a letter in time, the site will delete the article as soon as possible. Email: [email protected].
PREVIOUS ARTICLE

Visa and Stripe-backed Tempo unveil AI agent payment tools on same day

NEWSLETTER

Subscribe to our free newsletter and follow us for the latest blockchain news