A coordinated phishing campaign is targeting OpenClaw developers on GitHub, offering fake “$5,000 CLAW token” airdrops through cloned websites designed to drain cryptocurrency wallets, CoinDesk reported on March 19.

The attackers are tagging developers who have starred, forked, or contributed to the OpenClaw repository, which has over 247,000 GitHub stars and so offers a large pool of targets. The scam directs victims to a convincing clone of the OpenClaw site that prompts them to connect a wallet to “claim” a nonexistent token. Once connected, the site drains the wallet.

OpenClaw creator Peter Steinberger publicly addressed the campaign: “Folks, if you get crypto emails from websites claiming to be associated with openclaw, it’s ALWAYS a scam. We would never do that.”

How the Attack Works

According to The Block, attackers use GitHub’s notification system to reach developers directly. By opening issues or tagging users in comments on OpenClaw-adjacent repositories, the scam messages land in developers’ GitHub notification inboxes, bypassing email spam filters entirely.

The phishing domains mimic OpenClaw’s branding with enough fidelity to pass a quick glance. CCN reported that as of March 20, the domains remain live despite reports to registrars and hosting providers.

The playbook is borrowed directly from the 2023-2024 era of Solana and Shiba Inu token scams: hijack the brand of a legitimate, popular project, fabricate a token launch, and exploit the urgency of “limited time airdrop” messaging to bypass victims’ skepticism.
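Because these lures arrive as GitHub notifications rather than email, triage has to happen on the notification records themselves. The sketch below is an added example, not code from OpenClaw or from the reports cited here: it scores records shaped like GitHub's notifications API output (`reason`, `repository.full_name`, `subject.title`) against the lure wording described above. The repository name is a placeholder and the sample records are constructed.

```python
import re

# Assumption: placeholder name; the article does not give the official repository path.
OFFICIAL_REPO = "example-org/openclaw"

# Lure wording from the reported campaign: a "CLAW token" airdrop claimed via wallet connect.
LURES = {
    "token": re.compile(r"\bclaw\s+token\b|\$\s?claw\b", re.I),
    "airdrop": re.compile(r"\bair-?drop\b", re.I),
    "claim": re.compile(r"\bclaim(ed|ing|s)?\b", re.I),
    "wallet": re.compile(r"\b(connect|link|verify)\b.{0,20}\bwallet\b", re.I),
    "amount": re.compile(r"\$\s?\d[\d,]*"),
}
TAGGED = {"mention", "team_mention"}  # you were tagged, not subscribed


def triage(n):
    """Score one notification record; return (verdict, matched lure names)."""
    title = n["subject"]["title"]
    hits = [name for name, rx in LURES.items() if rx.search(title)]
    score = len(hits)
    foreign = n["repository"]["full_name"].lower() != OFFICIAL_REPO.lower()
    # Lure text pushed at you by a tag from another repository is the reported pattern.
    if hits and foreign and n["reason"] in TAGGED:
        score += 2
    verdict = "likely-scam" if score >= 4 else "review" if score >= 1 else "ok"
    return verdict, hits


# Constructed sample records (not real notifications).
SAMPLE = [
    {"reason": "mention", "repository": {"full_name": "someuser/openclaw-rewards"},
     "subject": {"title": "$5,000 CLAW token airdrop: connect wallet to claim"}},
    {"reason": "subscribed", "repository": {"full_name": "example-org/openclaw"},
     "subject": {"title": "Docs: warn users about fake CLAW token airdrop emails"}},
    {"reason": "mention", "repository": {"full_name": "someuser/agent-utils"},
     "subject": {"title": "Fix race in agent scheduler"}},
]

if __name__ == "__main__":
    for n in SAMPLE:
        print(triage(n), n["repository"]["full_name"])
```

The second sample shows the case worth handling: a legitimate warning about the scam in a subscribed repository matches the lure words but is only queued for review, not labelled a scam.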

The Target Profile Makes This Effective

What distinguishes this campaign from generic crypto phishing is the targeting precision. OpenClaw’s GitHub contributor graph is public. Attackers can scrape every username that has interacted with the repository and cross-reference it with public profiles to find email addresses, wallet addresses mentioned in other repos, and social accounts.

Developers who build with OpenClaw are also disproportionately likely to have active crypto wallets. The intersection of the AI agent community and the Web3 developer community is large enough that a “CLAW token” airdrop doesn’t immediately register as implausible to everyone receiving it.

No Token Exists — And Likely Never Will

There is no CLAW token. OpenClaw has never announced any cryptocurrency. A token launch would be inconsistent with the project’s direction and Steinberger’s repeated public statements against crypto tie-ins.

Any communication claiming to offer an OpenClaw or CLAW token is fraudulent. Developers who have interacted with the phishing domains should revoke any wallet approvals granted during the interaction using tools like Revoke.cash and monitor their wallets for unauthorized transactions.

The phishing campaign underscores a pattern: when open-source projects go viral, the scam economy follows. OpenClaw’s 247,000+ GitHub stars make it one of the fastest-growing repositories of 2026, and that visibility comes with a target on every developer who clicked the star button.