tldr; Hackers are targeting AI developers involved with the OpenClaw project using fake token airdrop scams to steal crypto wallets and SSH credentials. Attackers scrape GitHub profiles of developers interested in OpenClaw, then use GitHub notifications to lure victims to a cloned website. The site initiates wallet-draining malware and also deploys trojans via npm packages. OpenClaw’s creator warns the project has no token and advises caution. Developers should block malicious domains and treat unsolicited token offers as scams.
*This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.
1 Comment
tldr; Hackers are targeting AI developers involved with the OpenClaw project using fake token airdrop scams to steal crypto wallets and SSH credentials. Attackers scrape GitHub profiles of developers interested in OpenClaw, then use GitHub notifications to lure victims to a cloned website. The site initiates wallet-draining malware and also deploys trojans via npm packages. OpenClaw’s creator warns the project has no token and advises caution. Developers should block malicious domains and treat unsolicited token offers as scams.
*This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.