Developers Targeted by GitHub Phishing Attack, Fake Airdrop Aims to Steal Crypto Wallets

Security firm OX Security has analyzed and warned about a recent phishing attack that targeted OpenClaw developers and attempted to steal crypto wallets through a fake airdrop.

According to a report released by security firm OX Security in mid-March 2026, a phishing campaign targeting developers who contribute to or star the OpenClaw GitHub repository attempted to steal crypto wallets through a fake airdrop of tokens valued at $5,000.

The attack leveraged GitHub's social features, transforming open-source participation into a targeting mechanism. Attackers scraped the star list from repositories related to OpenClaw, creating a target list of developers, and then set up fake GitHub accounts to open issue threads in repositories controlled by the attackers, tagging dozens of developers' usernames.

The phishing message claimed that recipients had won $5,000 in CLAW tokens and directed them to a clone of the legitimate openclaw.ai website. The clone added a “Connect Your Wallet” button which, when clicked, triggered a malicious, obfuscated JavaScript file named “eleven.js,” designed to steal wallet credentials.
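The lure described in the two paragraphs above (an issue in an unfamiliar repository, dozens of tagged usernames, an airdrop pitch, a link to a look-alike of openclaw.ai) can be scored as a notification triage heuristic. This is an added example, not code from OX Security or the OpenClaw project; the dict fields, lure-word list, mention threshold and the `.example` domain are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

OFFICIAL = "openclaw.ai"   # official site named in the article
BRAND = "openclaw"
MENTION_THRESHOLD = 10     # assumption: "dozens" of tags is far above normal issue traffic
LURE_WORDS = re.compile(r"\b(airdrop|claim|won|tokens?|wallet)\b", re.I)  # assumed list
MENTION = re.compile(r"(?<![\w/])@([A-Za-z0-9][A-Za-z0-9-]{0,38})")
URL = re.compile(r"https?://[^\s)>\]]+", re.I)

# Constructed samples, not real campaign data; the dict fields are a hypothetical schema.
SUSPECT = {
    "repo_owner": "claw-rewards-team",
    "title": "You won $5,000 in CLAW tokens",
    "body": "Claim your airdrop: https://open-claw.example/claim "
            + " ".join(f"@dev{i}" for i in range(30)),
}
BENIGN = {
    "repo_owner": "openclaw",
    "title": "Crash when loading config",
    "body": "Repro steps at https://openclaw.ai/docs, cc @alice @bob",
}

def lookalike_hosts(text):
    """Linked hosts that carry the brand name but are not the official site."""
    hosts = set()
    for url in URL.findall(text):
        host = (urlparse(url).hostname or "").lower()
        official = host == OFFICIAL or host.endswith("." + OFFICIAL)
        if host and not official and BRAND in host.replace("-", ""):
            hosts.add(host)
    return sorted(hosts)

def score_issue(issue, trusted_owners):
    """Return (score, reasons) for one issue notification; one point per signal."""
    text = f"{issue['title']}\n{issue['body']}"
    reasons = []
    mentions = {m.lower() for m in MENTION.findall(issue["body"])}
    if len(mentions) >= MENTION_THRESHOLD:
        reasons.append(f"mass-mention:{len(mentions)}")
    if issue["repo_owner"].lower() not in trusted_owners:
        reasons.append("unfamiliar-repo-owner")
    words = sorted({w.lower() for w in LURE_WORDS.findall(text)})
    if len(words) >= 2:
        reasons.append("lure-words:" + ",".join(words))
    hosts = lookalike_hosts(text)
    if hosts:
        reasons.append("lookalike-host:" + ",".join(hosts))
    return len(reasons), reasons
```

Calling `score_issue(SUSPECT, {"openclaw"})` trips all four signals, while the benign bug report trips none; any single signal on its own is weak, so act on the combination.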

This activity surfaced weeks after OpenAI announced that OpenClaw founder Peter Steinberger would lead its AI agent program, indicating that the attackers deliberately timed their efforts to exploit the project's visibility.


How Wallet Credentials Are Stolen

OX Security's analysis revealed that eleven.js contains built-in commands named “PromptTx,” “Approved,” and “Declined,” used to encode and transmit wallet data to a command-and-control server. The script also includes a “nuke” function that, when executed, clears evidence from the victim's browser local storage, a counter-forensic measure intended to complicate post-attack analysis.

At the time of OX Security's release, there were no confirmed victim reports. A wallet address identified in the analysis showed no incoming transactions, indicating that the activity was either intercepted early or failed to convert its targets.

OpenClaw Founder Issues Warning About Ongoing Risks of Broader Crypto Scams


Peter Steinberger responded directly to this activity, warning the developer community to avoid engaging with any crypto activities claiming to be associated with OpenClaw.

“Everyone, if you receive crypto emails from websites claiming to be related to openclaw, it is definitely a scam. We would never do that. The project is open-source and non-commercial. Please use the official website. Be skeptical of those trying to build commercial packaging on it.”

OX Security's research team leader Moshe Siman Tov Bustan noted that the company is still investigating potential links to broader phishing activities: “We are still analyzing the behavior of these activities and their relevance.”

This incident highlights the increasing prevalence of GitHub-based social engineering attacks targeting crypto-related developers. Unlike traditional email phishing, this activity exploited the interactivity of repositories, a channel that developers typically trust. The method of targeting through star scraping represents a relatively novel approach, transforming conventional open-source participation signals into attack vectors.
