Scammers are targeting contributors to the viral AI project OpenClaw with a sophisticated phishing campaign aimed at draining crypto wallets.
By exploiting GitHub’s trusted notification system, attackers lure developers with a fake $5,000 token airdrop that leads directly to a wallet-draining script.
Fake $5K airdrop targets OpenClaw devs
Scammers used fake GitHub tags to lure users to a cloned site with a hidden wallet connect.
Accounts vanished within hours. No confirmed victims yet.
Stay alert
pic.twitter.com/ZYpmckDJ1j
— Bitinning (@bitinning) March 19, 2026
There are no smart contract exploits involved here. Just social engineering, leveraging the hype around AI agents, and unsuspecting users falling for the trap.
It comes as the broader crypto market suffered a slump overnight, with the total market cap falling 4% to $2.5 trillion, with 24-hour trading volume sitting at just over $125Bn.
The Lure: Fake Contributions and Hidden Scripts
According to a report by OX Security, threat actors create fraudulent GitHub accounts and open issue threads in repositories they control. They then tag dozens of authentic OpenClaw developers in these threads.
The message is flattering. It claims, “Appreciate your contributions on GitHub. We analyzed profiles and chose developers to get OpenClaw allocation.” The scammers promise $5,000 worth of $CLAW tokens and direct targets to a website that eerily mimics the official openclaw.ai domain.
Once on the site, users are prompted to “Connect your wallet” to claim the funds. This is the trap. The site executes a connection prompt designed to drain assets, powered by a heavily obfuscated JavaScript file hidden in the site’s code named “eleven.js.”
OX Security researcher Moshe Siman Tov Bustan noted that the campaign closely resembles previous attacks targeting the Solana ecosystem on GitHub.
DISCOVER: The Next 1000x Crypto Gem Before It Lists on Exchanges
Why OpenClaw and Why Now?
Peter Steinberger is joining OpenAI to drive the next generation of personal agents. He is a genius with a lot of amazing ideas about the future of very smart agents interacting with each other to do very useful things for people. We expect this will quickly become core to our…
— Sam Altman (@sama) February 15, 2026
OpenClaw is currently one of the hottest tech properties. The project has moved from a developer tool to a mainstream AI asset, especially after OpenAI CEO Sam Altman tapped creator Peter Steinberger to lead the company’s push into personal AI agents.
That legitimacy makes it dangerous. Scammers know that developers are currently paying close attention to the project. They also know that developers are likely to hold cryptocurrency and are comfortable using Web3 wallets.
This incident highlights a growing trend where legitimate tools are used as vectors for theft. It echoes Vitalik Buterin’s concerns about the intersection of AI and wallet security. As AI tools become central to the crypto workflow, the line between helpful automation and malicious extraction blurs.
The attackers even appear to be using GitHub’s “star” feature to build their target lists, ensuring they go after users who have actively engaged with OpenClaw repositories.
Visualizing the Threat: Immediate Protective Steps
If you are a developer or active GitHub user, you need to lock down your workflow immediately. The sophistication of these clones means visual inspection is often not enough.
- Verify the URL: Never click links inside GitHub issue threads from repositories you do not recognize. Always type the official domain manually.
- Check the Repo Owner: Official airdrops will come from the project’s main repository, not a random user’s fork. If the repository has few stars or was created recently, it is a trap.
- Use a Burner Wallet: Never connect your main holding wallet (cold storage) to any dApp or claim site. If you are interacting with a simplified protocol or an airdrop, use a hot wallet with minimal funds.
- Ignore Unexpected Tags: If you are tagged in a thread by a user you don’t know, treat it as spam instantly. Real projects announce allocations on their official X (Twitter) or Discord channels, not via mass-tagging in random issues.
DISCOVER: Top Crypto Presales to Watch Now
Follow 99Bitcoins on X (Twitter) For the Latest Market Updates and Subscribe on YouTube For Daily Expert Market Analysis.
The post OpenClaw Developers Hit by GitHub Phishing Attack: How to Protect Your Wallet appeared first on 99Bitcoins.
