Phishing Attack Targets OpenClaw Developers
Cybersecurity researchers have uncovered a new phishing campaign targeting developers of the cryptocurrency wallet OpenClaw. The attackers are using GitHub to lure victims to a fake site where they are offered $5,000 worth of free tokens. In reality, this site allows the scammers to gain access to their cryptocurrency wallets and drain the funds.
How does this scheme work? First, the hackers create a fake GitHub page, mimicking the official OpenClaw repository. There, they post an announcement about a $5,000 token giveaway. When developers click the link, they are redirected to a cloned OpenClaw website, where they are prompted to connect their wallet to receive the reward. This step, however, gives the scammers access to the victims' cryptocurrency assets.
Experts advise developers to be extremely cautious with any offers of free cryptocurrencies or airdrops. Before providing access to their wallet, they should thoroughly verify the legitimacy of the source. Additionally, it is recommended to use two-factor authentication and maintain backup keys to minimize the damage in case of a breach.