
OpenClaw developers are being baited with a "free $Claw" airdrop that does not appear to exist, the latest reminder that phishers have shifted from spraying retail to hunting maintainers with commit rights. The catalyst is a wave of GitHub posts pushing wallet connections under the guise of token rewards. [1]


What happened on GitHub

Security firm OX Security said Wednesday (March 18, 2026) it observed a phishing campaign aimed at contributors to OpenClaw, an open-source AI project with a busy developer surface area. The attacker's playbook is familiar but effective: drop convincing-looking GitHub activity (issues, comments, or repository posts) that promises $Claw tokens, then funnel targets to an external site where they are prompted to connect a crypto wallet to "claim" the reward. [1] [2]
The lure is tuned for developers, not "apes" (overexcited buyers who chase freebies). By targeting contributors inside GitHub, the scam inherits a bit of legitimacy from the platform and relies on the fact that devs are already context switching between code, tooling, and links. That is where mistakes happen.

OX Security said it has not confirmed any victims so far, which is the only good news here.

Why the "CLAW" token looks like pure bait

No official OpenClaw token announcement was highlighted in the security write-up, and the campaign's strength is psychological rather than on-chain. A legit airdrop typically comes with verifiable artefacts: an official announcement trail, a documented token contract, and consistent links across the project's owned channels. This scam flips that: it leads with the "reward," then asks for the wallet connection first. [3]
That ordering matters. Modern wallet drainers do not need your seed phrase. They need a signature, an approval, or a transaction you think is harmless. Once you sign, the attacker can often escalate into token approvals or direct transfers, especially if the site guides you through multiple prompts and labels them as "verification."

OpenClaw creator issues a warning

OpenClaw creator Peter Steinberger separately warned the community on X, reinforcing that the $CLAW pitch is not something to casually click through. When maintainers go public quickly, it usually means the scam has enough reach to be seen by core contributors, not just random drive-by accounts. [4]

Why attackers are targeting maintainers, not just users

This is not only about draining a personal wallet. Developers tend to hold more valuable keys in the broad sense: access to org repos, package publishing rights, CI secrets, and distribution channels. A stolen wallet is bad, but a compromised maintainer account can become a supply-chain incident, which is properly catastrophic if malicious code gets shipped downstream.

Risk box: what would invalidate the scam, and what to do now

Assume it is malicious unless proven otherwise. Things that would need to be true before you even consider interacting:

  • OpenClaw publishes a token claim process via official channels (project site, verified social accounts, signed releases) with consistent URLs.
  • A verifiable token contract is shared and corroborated by multiple trusted community members.
  • The claim flow does not require broad approvals or opaque signatures.

If you already clicked:

  • Revoke recent token approvals using a reputable revocation tool for your chain.
  • Move assets to a fresh wallet if you signed anything you did not fully understand.
  • Rotate GitHub credentials, enable hardware-backed 2FA, and review org access.

The clean invalidation signal is simple: if there is no official, consistent OpenClaw token announcement with verifiable on-chain details, "free $Claw" is just a wallet-drain dressed up as a perk. [5]
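The approval check behind "revoke recent token approvals" (and the approval escalation described in the drainer section), as an added example that is not from the article or from OX Security: it decodes ERC-20 Approval events from raw log records of the shape a node returns for eth_getLogs, lists the allowances still open for a wallet, and builds the approve(spender, 0) calldata used to revoke one. The addresses and log records are constructed sample data; the event topic hashes and the approve selector are the standard ERC-20 values.

```python
# Added example (not from the article or OX Security): decode ERC-20 Approval
# events and list open allowances for a wallet. All addresses and log records
# below are constructed sample data; the constants are standard ERC-20 values.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
TRANSFER_TOPIC = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"
APPROVE_SELECTOR = "095ea7b3"  # first 4 bytes of keccak256("approve(address,uint256)")
UNLIMITED = 2**256 - 1        # the "infinite approval" a drainer prompt asks for

def decode_approval(log):
    """Return (token, owner, spender, value) for an Approval log, else None."""
    topics = log["topics"]
    if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
        return None
    # indexed addresses are left-padded to 32 bytes in topics; value sits in data
    owner, spender = ("0x" + t[-40:].lower() for t in topics[1:])
    return (log["address"].lower(), owner, spender, int(log["data"], 16))

def outstanding_allowances(logs, wallet):
    """Latest allowance per (token, spender); each Approval carries the new total."""
    latest = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        ev = decode_approval(log)
        if ev and ev[1] == wallet.lower():
            latest[(ev[0], ev[2])] = ev[3]
    # Event-derived values are an upper bound: some tokens consume allowance on
    # transferFrom without emitting Approval, so confirm with an allowance() read.
    return {k: v for k, v in latest.items() if v > 0}

def revoke_calldata(spender):
    """ABI-encoded calldata for approve(spender, 0), the standard revocation call."""
    return "0x" + APPROVE_SELECTOR + spender[2:].lower().rjust(64, "0") + "0" * 64

# Constructed sample: the wallet signed an unlimited approval to a drainer on
# TOKEN_A, granted then revoked a DEX allowance on TOKEN_B, plus one Transfer log.
WALLET, DRAINER, DEX = ("0x" + c * 40 for c in "ade")
TOKEN_A, TOKEN_B = ("0x" + c * 40 for c in "12")
def pad(addr): return "0x" + addr[2:].rjust(64, "0")   # address as a 32-byte topic
def u256(v): return "0x" + format(v, "064x")           # uint256 as 32-byte data
SAMPLE_LOGS = [
    {"address": TOKEN_A, "blockNumber": 100, "logIndex": 0, "data": u256(UNLIMITED),
     "topics": [APPROVAL_TOPIC, pad(WALLET), pad(DRAINER)]},
    {"address": TOKEN_B, "blockNumber": 101, "logIndex": 3, "data": u256(5 * 10**18),
     "topics": [APPROVAL_TOPIC, pad(WALLET), pad(DEX)]},
    {"address": TOKEN_B, "blockNumber": 105, "logIndex": 1, "data": u256(0),
     "topics": [APPROVAL_TOPIC, pad(WALLET), pad(DEX)]},
    {"address": TOKEN_A, "blockNumber": 106, "logIndex": 0, "data": u256(1),
     "topics": [TRANSFER_TOPIC, pad(WALLET), pad(DRAINER)]},
]
```

Any entry whose value equals UNLIMITED is the red flag to act on first; the calldata from revoke_calldata is what a revocation tool submits to the token contract on your behalf.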