Phishing Campaign Exploits OpenClaw Developers with Fake Token Airdrops
Here's what it means for you.
Stay vigilant against phishing scams, especially if you contribute to open-source projects.
What happened
On March 18, 2026, OX Security revealed a phishing campaign targeting OpenClaw developers on GitHub, promising fake CLAW token airdrops to deploy wallet drainers.
The Context
- OpenClaw's popularity: The open-source AI agent framework has gained over 324,000 GitHub stars, making it a prime target for scammers.
- Previous scams: A fake CLAWD token peaked at a $16 million market cap in January 2026, showcasing the vulnerabilities in the crypto space.
- Community response: Peter Steinberger, the creator of OpenClaw, has actively warned users about crypto solicitations, emphasizing the project's non-commercial nature.
The Number
— the peak market capitalization of the fake CLAWD token, highlighting the financial risks associated with crypto scams in tech communities.
Takeaway
As the OpenClaw community remains active, ongoing vigilance is essential to prevent exploitation by malicious actors.
Covers blockchain, cryptocurrency news, project analysis, and market insights.
"CoinDesk is a well-established cryptocurrency and blockchain news provider, offering comprehensive insights, market data, and industry research."
— A47 Editor
OpenClaw developers targeted in GitHub phishing scam offering fake token airdrops
Security researchers have reported that attackers are impersonating OpenClaw on GitHub, attempting to deceive developers with fraudulent CLAW token giveaways that encourage users to connect their cryptocurrency wallets. This phishing scam poses a sig...
Real-time updates, analysis, and reports on the blockchain and cryptocurrency sectors.
"Crypto News delivers real-time updates, analysis, and reports on the blockchain and cryptocurrency sectors."
— A47 Editor
GitHub phishing scam uses OpenClaw branding to lure developers into wallet drain: report
A new phishing campaign has emerged on GitHub, exploiting the popularity of OpenClaw to target developers. Scammers are impersonating the platform and offering fraudulent CLAW token giveaways, which encourage users to connect their cryptocurrency wal...