Metaverse and A.I.

OpenClaw Developers Targeted in GitHub Phishing Campaign Draining Crypto Wallets

Developers working with the fast-rising AI agent project OpenClaw are being targeted in a coordinated GitHub phishing campaign designed to steal crypto wallets, highlighting growing security risks around AI-driven developer ecosystems. 


Fake GitHub Accounts Used to Lure Developers

According to cybersecurity researchers, attackers created fake GitHub accounts and repositories to target OpenClaw developers directly. These accounts would:

  • Tag developers in issue threads

  • Promote fake opportunities or rewards

  • Redirect users to malicious websites 

In many cases, victims were told they had won up to $5,000 worth of “$CLAW” tokens, a tactic designed to create urgency and entice clicks. 


Wallet Drain Attack Hidden Behind Fake Site

Once users clicked the links, they were sent to a cloned version of the official OpenClaw website, nearly identical in appearance. 

The key difference:

  • “Connect Wallet” button that triggered malicious scripts

Behind the scenes, attackers deployed obfuscated JavaScript and command-and-control infrastructure to extract wallet credentials and drain funds. 


Targeting a Rapidly Growing AI Ecosystem

The campaign specifically targeted OpenClaw due to its explosive growth and popularity among developers, making it an attractive attack surface. 

OpenClaw, an open-source AI agent platform, has gained significant traction in 2026 as developers use it to automate tasks, build tools, and integrate AI into workflows. 

This rapid adoption has created a familiar pattern in crypto and AI:

New technology → rapid hype → attacker exploitation


Part of a Broader Trend in AI + Crypto Attacks

This phishing campaign is part of a larger wave of attacks targeting:

  • AI developer tools

  • Open-source ecosystems

  • Crypto wallet integrations

Security researchers warn that attackers are increasingly exploiting trusted platforms like GitHub to distribute scams, knowing developers are more likely to trust code hosted there. 

Additionally, combining AI tools with crypto wallets creates a high-value target, since compromised systems can expose:

  • Private keys

  • API credentials

  • Sensitive development data

Terron Gold

Recent Posts

SWIFT Launches Blockchain Ledger Pilot With 17 Banks for Tokenized Deposits

SWIFT has launched a new blockchain-based ledger pilot with 17 major banks to test how tokenized deposits can move across…

6 days ago

Sony Bank Wins U.S. Approval to Launch Dollar Stablecoin Trust Bank

Sony Bank, the banking arm of Sony Financial Group, has received conditional approval from the Office of the Comptroller…

6 days ago

PayPal USD Launches Natively on Polygon to Expand Global Stablecoin Payments

PayPal has expanded its stablecoin strategy by launching PayPal USD (PYUSD) natively on the Polygon blockchain, giving businesses direct access…

7 days ago

BONK Faces $20 Million Treasury Attack After Malicious Governance Proposal Passes

BONK, one of Solana's most recognizable memecoins, is facing a major governance crisis after an…

1 week ago

World Leaves Solana for Robinhood Chain in Major Bet on Tokenized Finance

World, the blockchain ecosystem co-founded by Sam Altman, is shifting its prediction market infrastructure from Solana to the…

1 week ago

BNB Chain Unveils New Layer 1 Built for AI Agent Trading, Targets 2027 Mainnet Launch

BNB Chain has revealed plans to build a brand-new Layer 1 blockchain specifically designed for the next generation…

1 week ago