OpenClaw Developers Hit by GitHub Phishing Campaign Draining Crypto Wallets

A phishing campaign targeting developers who contributed to or starred OpenClaw repositories on GitHub attempted to drain crypto wallets by luring victims with fake token airdrops worth $5,000, according to a report from security firm OX Security published in mid-March 2026.

The attack exploited GitHub’s social features in a way that turned open-source participation into a targeting mechanism. Threat actors scraped the star lists of OpenClaw-related repositories to build a list of developer targets, then created fake GitHub accounts to open issue threads in attacker-controlled repos, tagging dozens of developers by username.

The phishing messages claimed recipients had won $5,000 in CLAW tokens and directed them to a cloned version of the legitimate openclaw.ai website. The clone added a “Connect your wallet” button that, once clicked, triggered a malicious obfuscated JavaScript file named “eleven.js” designed to exfiltrate wallet credentials.

The campaign surfaced weeks after OpenAI announced that OpenClaw creator Peter Steinberger would lead its AI agents initiative, suggesting the attackers deliberately timed the operation to exploit heightened interest in the project.

How the Wallet-Stealing Payload Worked

OX Security’s analysis revealed that eleven.js contained built-in commands labeled “PromptTx,” “Approved,” and “Declined” that encoded and transmitted wallet data to a command-and-control server. The script also included a “nuke” function that wiped evidence from the victim’s browser local storage after execution, an anti-forensics measure designed to complicate post-incident analysis.

Two phishing domains were identified: token-claw[.]xyz and watery-compost[.]today. Both hosted the cloned OpenClaw site. The fake GitHub accounts used in the campaign were created and deleted within hours of launch, a tactic that limited the window for platform-level detection and takedown.

No confirmed victims had been reported at the time of OX Security’s publication. An attacker wallet address identified in the analysis showed no incoming funds, indicating that the campaign was either intercepted early or that none of its targets took the bait.

OpenClaw Creator Issues Warning as Broader Crypto Scam Risks Persist

Peter Steinberger responded directly to the campaign, warning the developer community against any crypto-related outreach invoking the OpenClaw name.

“Folks, if you get crypto emails from websites claiming to be associated with openclaw, it’s ALWAYS a scam. We would never do that. The project is open source and non-commercial. Use the official website. Be sceptical of folks trying to build commercial wrappers on top of it.”

Moshe Siman Tov Bustan, OX Security’s research team lead, noted the firm was still investigating potential connections to broader phishing operations: “We’re still analyzing the behavior and the relation of these campaigns.”

The incident highlights a growing pattern of GitHub-based social engineering targeting crypto-adjacent developers. Unlike traditional email phishing, this campaign weaponized repository interactions, a channel developers typically trust. The star-scraping method for target selection represents a relatively novel approach, turning a routine open-source engagement signal into an attack vector.

The attack comes during a period of broad market stress, with the crypto Fear & Greed Index sitting at 23, deep in “Extreme Fear” territory. Phishing campaigns historically intensify during volatile periods when traders and developers are more active and potentially less cautious.

Developers working on open-source crypto projects face elevated risk because their GitHub activity is public by design. Projects like OpNet and other blockchain infrastructure efforts that attract developer attention through starred repositories could face similar targeting. Even large-scale holders moving significant funds have drawn attention from threat actors monitoring on-chain and social signals.

OX Security recommended that developers block the two identified phishing domains across all environments and verify any unsolicited token offers through official project channels before interacting with unfamiliar links. No law enforcement agency or GitHub itself has issued a public statement on the campaign.
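To show what acting on that recommendation looks like in practice, here is an added example (not code from OX Security, OpenClaw or the article) that scans proxy log lines and copy-pasted GitHub issue text for the two published domains and the eleven.js filename. Only those three indicators come from the report; the log format, the sample lines and all function names are constructed for this example. The scanner refangs `[.]`/`hxxp` notation, catches subdomains of the blocked domains, and deliberately does not match lookalike hosts that merely end in the same characters.

```python
"""Scan proxy/DNS log lines and GitHub issue text for the OpenClaw phishing IoCs.

Added example, not code from the report. The two domains and the payload
filename are the indicators OX Security published; the log format and the
sample lines below are constructed.
"""
import re
from typing import Optional
from urllib.parse import urlparse

# Indicators from the report, kept defanged exactly as published.
DEFANGED_DOMAINS = ("token-claw[.]xyz", "watery-compost[.]today")
PAYLOAD_FILENAME = "eleven.js"


def refang(indicator: str) -> str:
    """Convert a defanged indicator ('x[.]y', 'hxxps://') back to a matchable form."""
    return indicator.replace("[.]", ".").replace("hxxp", "http").lower()


BLOCKED_DOMAINS = tuple(refang(d) for d in DEFANGED_DOMAINS)

# Matches both live and defanged URLs, so the same scanner works on raw proxy
# logs and on issue text that analysts have already defanged.
URL_RE = re.compile(r"h(?:tt|xx)ps?://[^\s\"'<>)]+", re.IGNORECASE)
# Bare domain mentions without a scheme, e.g. "claim at token-claw.xyz".
BARE_HOST_RE = re.compile(r"\b(?:[a-z0-9-]+(?:\.|\[\.\]))+[a-z]{2,}\b", re.IGNORECASE)


def host_is_blocked(host: str) -> Optional[str]:
    """Return the blocked base domain if host equals it or is a subdomain of it.

    The leading dot in the endswith check is what keeps a lookalike such as
    'nottoken-claw.xyz' from matching 'token-claw.xyz'.
    """
    host = host.lower().rstrip(".")
    for blocked in BLOCKED_DOMAINS:
        if host == blocked or host.endswith("." + blocked):
            return blocked
    return None


def find_indicators(text: str) -> dict:
    """Return blocked hostnames and any payload-filename reference in one line."""
    hosts = set()
    for m in URL_RE.finditer(text):
        parsed = urlparse(refang(m.group(0)))
        if parsed.hostname:
            hosts.add(parsed.hostname)
    for m in BARE_HOST_RE.finditer(text):
        hosts.add(refang(m.group(0)))
    hits = sorted(h for h in hosts if host_is_blocked(h))
    return {"blocked_hosts": hits, "payload_ref": PAYLOAD_FILENAME in text.lower()}


def scan_lines(lines):
    """Scan an iterable of lines; return [(line_number, finding), ...] for each hit."""
    findings = []
    for n, line in enumerate(lines, start=1):
        result = find_indicators(line)
        if result["blocked_hosts"] or result["payload_ref"]:
            findings.append((n, result))
    return findings


# Constructed sample input: proxy log lines, one GitHub issue mention, a benign
# request to the real project site, and a lookalike host that must not match.
SAMPLE_LINES = [
    "2026-03-15T10:02:11Z 10.0.0.12 GET https://www.token-claw.xyz/claim 200",
    "2026-03-15T10:02:12Z 10.0.0.12 GET https://www.token-claw.xyz/static/eleven.js 200",
    "@dev-one you won $5,000 in CLAW tokens, claim at hxxps://watery-compost[.]today/airdrop",
    "2026-03-15T10:03:40Z 10.0.0.15 GET https://openclaw.ai/docs 200",
    "2026-03-15T10:03:41Z 10.0.0.15 GET https://nottoken-claw.xyz/ 200",
]

if __name__ == "__main__":
    for n, finding in scan_lines(SAMPLE_LINES):
        print(f"line {n}: {finding}")
```

Run against the constructed sample, lines 1 through 3 are flagged (line 2 additionally carries a payload-filename reference) while the legitimate openclaw.ai request and the lookalike host are left alone. The same `find_indicators` routine can be pointed at exported GitHub notification text or at a DNS resolver log; the only change is the iterable handed to `scan_lines`.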

Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.