Fraudsters are targeting contributors to the viral AI project OpenClaw with a sophisticated phishing campaign aimed at draining cryptocurrency wallets.
Attackers exploit GitHub’s trusted notification system to lure developers with a fake $5,000 token airdrop that takes them directly to a script that drains their wallets.
Fake $5,000 airdrop targeting OpenClaw developers
Scammers used fake GitHub tags to direct users to cloned sites with hidden wallet connections.
The account disappeared within hours. No victims have been identified yet.
Stay alert
pic.twitter.com/ZYpmckDJ1j
— Bitinning (@bitinning) March 19, 2026
There are no smart contract exploits involved here. It’s just social engineering using the hype about AI agents and unsuspecting users falling into the trap.
This comes as the broader cryptocurrency market slumped overnight, with market capitalization down 4% to $2.5 trillion and 24-hour trading volume at just over $125 billion.

(Source: CoinGecko)
Temptation: Fake posts and hidden scripts
According to the OX Security report, the attacker creates a fraudulent GitHub account and opens an issue thread in a repository that they control. They then tag dozens of real OpenClaw developers in these threads.
The message is flattering. “Thank you for your contributions on GitHub. We analyzed their profiles and selected developers to get OpenClaw quotas,” it claims. Scammers promise $CLAW tokens worth $5,000 and direct their targets to a website that eerily mimics the official openclaw.ai domain.
Upon accessing the site, users are asked to “connect their wallet” to receive funds. This is a trap. The site uses a highly obfuscated JavaScript file called “eleven.js”, hidden within the site’s code, to display a wallet-connection prompt designed to drain assets.
OX Security researcher Moshe Siman Tov Bustan noted that this campaign is very similar to previous attacks targeting the Solana ecosystem on GitHub.
Why OpenClaw and why now?
Peter Steinberger joins OpenAI to power the next generation of personal agents. He’s a genius who has a lot of great ideas about a future where super-smart agents interact with each other to do really useful things for people. We hope this will soon become our core…
— Sam Altman (@sama) February 15, 2026
OpenClaw is one of the hottest technology assets today. The project has transitioned from a developer tool to a mainstream AI asset, especially after OpenAI CEO Sam Altman tapped developer Peter Steinberger to lead the company’s personal AI agent efforts.
That legitimacy poses a danger. Scammers know that developers are currently paying close attention to this project. They also know that developers are more likely to hold cryptocurrencies and are comfortable using Web3 wallets.
This incident highlights the growing tendency for legitimate tools to be used as vectors for theft. This echoes Vitalik Buterin’s concerns about the intersection of AI and wallet security. As AI tools become central to crypto workflows, the line between useful automation and malicious extraction is blurring.
The attackers appear to be using GitHub’s “star” feature to build a target list, ensuring they reach users who are actively engaged with the OpenClaw repository.
Threat visualization: immediate protective action
If you’re a developer or an active GitHub user, you should lock down your workflows immediately. These clones are so sophisticated that visual inspection is often not sufficient.
Check the URL: Never click links in GitHub issue threads from repositories you don’t recognize. Be sure to enter the official domain manually.
Verify repository ownership: Official airdrops come from the project’s main repository, not a random user’s fork. If the repository has few stars or was recently created, it’s a trap.
Use a burner wallet: Do not connect your main holding wallet (cold storage) to a dApp or billing site. If you are using a simplified protocol or airdrop, use a hot wallet with minimal funds.
Ignore unexpected tags: If you’re tagged in a thread by someone you don’t know, immediately treat it as spam. Real projects announce assignments on official X (Twitter) or Discord channels, rather than mass tagging random issues.
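The signals named above (mass tagging, a new or low-star repository, a link that imitates openclaw.ai) can be scripted as a triage pass over an issue notification. This is an added example, not code from OX Security or the OpenClaw project; the thresholds, the sample records and the `.example` domain are constructed assumptions.

```python
import re
from datetime import datetime, timezone
from difflib import SequenceMatcher
from urllib.parse import urlparse

OFFICIAL = "openclaw.ai"   # official domain named in the article
MAX_MENTIONS = 10          # assumed threshold for "mass tagging"
MIN_AGE_DAYS = 30          # assumed threshold for "recently created"
MIN_STARS = 50             # assumed threshold for "few stars"
MENTION_RE = re.compile(r"(?<![\w/])@([A-Za-z0-9][A-Za-z0-9-]{0,38})")
URL_RE = re.compile(r"https?://[^\s)>\]\"']+")

def lookalike(host, official=OFFICIAL):
    """True if host is not the official domain or a subdomain of it, yet resembles it."""
    host = host.lower().rstrip(".")
    if host == official or host.endswith("." + official):
        return False
    brand = official.split(".")[0]
    # Brand name embedded in a foreign host, or a near-identical spelling.
    return brand in host.replace("-", "") or SequenceMatcher(None, host, official).ratio() >= 0.8

def triage(issue, repo, now):
    """Return the reasons an issue notification matches the lure pattern."""
    reasons = []
    body = issue["body"]
    if len({m.lower() for m in MENTION_RE.findall(body)}) >= MAX_MENTIONS:
        reasons.append("mass-mention")
    created = datetime.fromisoformat(repo["created_at"].replace("Z", "+00:00"))
    if (now - created).days < MIN_AGE_DAYS:
        reasons.append("new-repo")
    if repo["stargazers_count"] < MIN_STARS:
        reasons.append("few-stars")
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname or ""
        if lookalike(host):
            reasons.append("lookalike-domain:" + host)
    return reasons

# Constructed sample records (field names follow GitHub's REST API issue/repo objects).
NOW = datetime(2026, 3, 19, 12, 0, tzinfo=timezone.utc)
LURE_ISSUE = {"body": " ".join(f"@dev{i}" for i in range(12))
              + " claim your allocation at https://openclaw-airdrop.example/claim"}
LURE_REPO = {"created_at": "2026-03-18T09:00:00Z", "stargazers_count": 0}
OK_ISSUE = {"body": "Thanks @alice, docs are at https://openclaw.ai/docs"}
OK_REPO = {"created_at": "2024-01-01T00:00:00Z", "stargazers_count": 5000}

if __name__ == "__main__":
    print(triage(LURE_ISSUE, LURE_REPO, NOW))
    print(triage(OK_ISSUE, OK_REPO, NOW))
```

Any single reason is only a hint; the combination of all four is what matches the campaign described in this article.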
The article OpenClaw developers hit by GitHub phishing attack: How to protect your wallet appeared first on 99Bitcoins.
