OpenClaw Developers Targeted in GitHub Phishing Scam & Fake Crypto Airdrop

Security platform OX Security recently disclosed a targeted phishing campaign against developers of OpenClaw, a highly visible open-source AI agent project. The attackers created fake GitHub accounts, opened issues in repositories they controlled, and mentioned dozens of developers in those issues to draw them in. The lure promised a $5,000 CLAW token reward.
Technical Execution
The malicious links redirected users to a clone of the openclaw.ai website. The fake site presented a connect wallet button, which the attackers designed to steal crypto assets.
The underlying code relied on heavy obfuscation, with the malicious logic hidden inside JavaScript files. The script included a specific nuke function that cleared browser local storage data, which hindered forensic analysis. The script then transmitted encoded wallet addresses and transaction values back to a command-and-control server.
Broader Ecosystem Threats
The OpenClaw incident fits a broader pattern of infrastructure attacks targeting open-source developers. Threat actors are aggressively utilizing phishing tactics against package registries like npm and PyPI to compromise the software supply chain.
Recently, the North Korean state-sponsored Lazarus Group deployed a sophisticated campaign using fake job interviews. They impersonated blockchain recruiters on platforms like LinkedIn and sent developers coding challenges. These seemingly harmless GitHub repositories contained malicious npm and PyPI dependencies that installed remote access trojans on the developers’ machines.
Another recent attack vector involved credential harvesting through typosquatted domains. Attackers targeted PyPI maintainers with emails from pypj.org and pypi-mirror.org, claiming that urgent account verification was required. The links led to replica login portals; once developers entered their credentials, the attackers captured the authentication data and quietly passed the session on to the legitimate site. These supply chain attacks aim to inject malicious code into trusted, high-download packages, turning standard update channels into massive malware distribution networks.
Current Status
Researchers found a cryptocurrency wallet address suspected of holding stolen funds from the OpenClaw campaign. The attackers deleted the fake GitHub accounts within hours of creation. Security teams report zero confirmed victims.
OpenClaw remains a frequent target for scammers; the project previously saw a flood of crypto spam in its official Discord community. You must verify URLs before connecting your wallet to new platforms or logging into package registries. You should deeply inspect network requests and dependencies when facing unexpected airdrops or urgent credential verification requests. Protect your assets and infrastructure by maintaining strict operational security.
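The typosquatted registry domains described above and the advice to verify URLs before logging in or connecting a wallet both come down to the same check: does the link's registrable domain actually belong to the site you intend to use, or does it merely resemble one? The following script is an added example, not code from the OX Security report, OpenClaw or PyPI. It assumes a constructed allowlist of legitimate domains and a constructed set of sample links; pypj.org and pypi-mirror.org are the lookalike domains the article names, while openclaw-claim.example is a hypothetical stand-in for the unnamed openclaw.ai clone. It goes slightly beyond the article's cases by also catching wrong-TLD variants, trusted names embedded as subdomains, and plain-http links to a trusted domain.

```python
"""Flag lookalike domains in links before logging in or connecting a wallet.

Added example, not code from the OX Security report or from OpenClaw.
The allowlist and the sample links are constructed; pypj.org and
pypi-mirror.org are the lookalike domains the article names.
"""
from typing import Dict, Tuple
from urllib.parse import urlparse

# Constructed allowlist of registrable domains the developer actually intends to use.
TRUSTED_DOMAINS = ("github.com", "npmjs.com", "openclaw.ai", "pypi.org")


def registrable_domain(host: str) -> str:
    """Last two DNS labels, a crude eTLD+1 (assumes no multi-label public suffix)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch one-character typos such as pypj for pypi."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_url(url: str) -> Tuple[str, str]:
    """Return (verdict, reason); verdict is trusted, insecure, lookalike, unknown or invalid."""
    parsed = urlparse(url if "://" in url else "https://" + url)
    host = parsed.hostname  # userinfo is dropped, so 'pypi.org@evil.example' yields evil.example
    if not host or "." not in host:
        return "invalid", "no usable hostname"
    domain = registrable_domain(host)
    if domain in TRUSTED_DOMAINS:
        if parsed.scheme != "https":
            return "insecure", f"{domain} is trusted but the link is not https"
        return "trusted", f"{domain} is on the allowlist"
    sld = domain.split(".")[0]  # second-level label, e.g. 'pypi-mirror'
    dotted_host = f".{host.lower()}."
    for trusted in TRUSTED_DOMAINS:
        tsld = trusted.split(".")[0]
        if f".{trusted}." in dotted_host:
            return "lookalike", f"{trusted} appears as a subdomain of {domain}"
        if sld != tsld and tsld in sld.split("-"):
            return "lookalike", f"{domain} pads the name {tsld} with a hyphenated word"
        if levenshtein(sld, tsld) <= 1:
            return "lookalike", f"{domain} is within one edit of {trusted}"
    return "unknown", f"{domain} is not on the allowlist and resembles nothing on it"


def audit_links(urls) -> Dict[str, str]:
    """Map each link to its verdict; anything but 'trusted' deserves a manual look."""
    return {u: classify_url(u)[0] for u in urls}


# Constructed sample links: pypj.org and pypi-mirror.org are the hosts the article
# names; openclaw-claim.example is a hypothetical stand-in for an openclaw.ai clone.
SAMPLE_LINKS = [
    "https://pypi.org/account/login/",
    "http://pypi.org/account/login/",
    "https://pypj.org/account/login/",
    "https://pypi-mirror.org/verify",
    "https://pypi.org.evil.example/login",
    "https://openclaw-claim.example/airdrop",
    "https://docs.python.org/3/",
]

if __name__ == "__main__":
    for link, verdict in audit_links(SAMPLE_LINKS).items():
        print(f"{verdict:9} {link}  ({classify_url(link)[1]})")
```

The allowlist is deliberately short and exact: the point is that a link is trusted only when its registrable domain matches, and every near miss (one edit away, a hyphenated padding word, the trusted name buried in a subdomain) is surfaced as "lookalike" rather than quietly passing. For production use, replace the two-label heuristic with a public suffix list so that hosts under suffixes such as co.uk are split correctly.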
